It's not malware. Marketing companies stealing commission from each other isn't malware. Giving the user less than the best possible deal isn't malware. It doesn't even upload your cookies to see if you're a tester - it does that on the client.
If I click on an affiliate link that I want to use and the extension changes that without me knowing, that’s malware for me. The intent of the user may be to use a specific affiliate link.
What's the ratio of people deliberately clicking affiliate links, to people who just click links and have no clue what an affiliate link even is?
I already thought Honey was scummy so I never used it in the first place, but I honestly don't get the particular outrage over these specific practices. You're already using the extension to effectively scam online stores, by using coupons the company gave to somebody else, not you. I see it as barely more ethical than doing that old trick of generating your own manufacturer coupons. Probably it's a lot more legal, but ethically it's in the same ballpark.
That's not how malware is defined - Windows ain't malware just because they occasionally make Edge open instead of what you thought were your default browser. The malware definition is way more specific than simply software that doesn't always follow user intent.
It actually does fall under the definition malware. Specifically, Honey hijacks affiliate marketing tags and replaces them with their own. This falls under the definition of the “spyware” category of malware.
Spyware is software that sends information about the user (browsing history, etc) to a 3rd party.
Many affiliate browser extensions do indeed do this, as an extra revenue stream. In fact, I'd recommend never installing a coupon browser extension. But replacing one number with another does not meet the above definition of spyware.
one point of view is why bother with any of this, google knows exactly what honey is doing, they could remove honey from chrome with the stroke of a pen, and that would be that.