Forum Discussion
This is why manifest V3 to tighten the security is a must have. there are devious extension developers out there, even when the extension is open source, they can do malicious stuff.
https://www.ghacks.net/2020/10/16/time-to-remove-nano-adblocker-and-defender-from-your-browsers-except-firefox/
The developer of the extension revealed on the official GitHub that he decided to sell the extension twelve days ago to two Turkish developers.
The new owners uploaded a new version to the Chrome store, and careful analysis of the code of the extension revealed that it contained a new connect.js file that did not come from the project's GitHub page.
Hill provided an analysis of the code and discovered that the new code allowed the developers to submit user activity and data to remote servers.
The extension is now designed to lookup specific information from your outgoing network requests according to an externally configurable heuristics and send it to
Hill suggested that users uninstall Nano Defender / Nano Adblocker immediately to block data from being submitted to the new owners.
I don't think anyone should 100% trust any 3rd party extension developer or complain for additional securities such as the ones outlined in manifest V3 that protects users.
However, the security provided by V3 relies heavily on the ability of reviewers - because hard restrictions introduced by V3 can be bypassed easily by hacking techniques such as evaljs.