The WeTab / Infinity team has responded to this [1] (in Chinese). Basically, they argue that:

gudzpoz • today at 6:46 PM • 1 reply • view on HN

- The Clean Master extension has long been sold, and the malicious updated was not pushed by them.

- The other two mentioned extensions are not at all malicious. They collect use info for extension opt-out-able features and analytics (using Google Analytics and Baidu Analytics).

- They are communicating with the extension stores to restore their extension.

Let's hope it's not an AI company making AI-generated accusations.

[1] https://mp.weixin.qq.com/s/E8YQLWZFM2J7r5DZNSl47w & https://www.v2ex.com/t/1176484

Replies

gkbrk • today at 6:51 PM

The first point isn't meaningful from a user's perspective.

There's no difference between me trusting you and you pushing malware to me vs you selling your deploy access to a third party and the third party pushing malware to me.

Especially if selling the extension doesn't remove the old one from the browser automatically and reset it's rating to 0, download count to 0 and remove all the comments/reviews.

➕ show 1 reply

alt Hacker News

Replies