Hacker News new | ask | show | jobs
by ramshanker 3175 days ago
Guess author of the plugin is pretty smart but not smart enough to encrypt the traffic back home or obscure his/her nasty secrets.

I guess it might be keeping the black stuff for some cool down time just after installation. Many malware seem to do there days. We might have got true clicks targeted.
1 comments
mseebach 3175 days ago
Encrypting the traffic would only have made it marginally more difficult to intercept (https://portswigger.net/burp/help/proxy_options_installingca...). Also, the guy got 400k downloads, sometimes you don't need "smart".
link