A while back I noticed a visual bug on a specific webpage. I mean a real insect bug, crawling across the bottom of the screen on a corporate webpage[1]. It genuinely scared the shit out of me. I thought there was a bug inside my laptop. I had a few reputable extensions in that browser profile, but it contained bpwc. Downloaded, of course, from the official repo.
I restarted my browser and removed bpwc from that profile. I never saw it again. Now I use it only in a specific browser profile called paywalls. I don't know what extension or ad injection caused it, but that experience, along with the countless articles about the malware in extensions, has caused me to be a lot more careful.
I am not accusing bpwc, of course; it is open source and well regarded, but if anyone has any insight into what happened I would be curious to hear.
On Firefox, this extension doesn't ask to run on all domains that you visit, only on the news sites where it bypasses paywalls. For example, I visited deepl.com now and it doesn't have permission to run.
That's the default, but Firefox does offer a toggle to give it permission to run on all pages you visit. I never clicked it (never seen the need to).
Also for Firefox, Mozilla banned it from their extension store (like Chrome did) after a legal threat from news publishers, but they still have to sign the extension and approve every new release even though it is distributed outside the Mozilla extension store now.
It's a shame the creator had to put this on a Russian GitHub clone. But after getting DMCA'd off GitLab, Mozilla Extensions & GitHub they didn't have much of a choice.
Just dreading a supply side attack...