Worth a MalExt Report? A 2 Million-User Chrome Extension Added Give Freely/Wildlink in a 5-Day Update

I’ve been reversing the 2M+ user Volume Booster Chrome extension and found something interesting. Between v1.0.3 (2025-06-27) and v1.0.4 (2025-07-02), the extension added: “content_scripts”: [{ “matches”: [“<all_urls>”], “js”: [ “vendor/GiveFreely-content.umd.js”, “content-script.js” ] }] The previous version was essentially a small audio booster. The newer version introduces a Give Freely / Wildlink component that appears to support merchant detection, affiliate attribution, and donation campaigns. No new permissions were added, meaning existing users would have received the update automatically without a new Chrome permission approval prompt. I’ve also found the same Give Freely / Wildlink infrastructure in multiple unrelated extensions, which makes me think it’s being distributed as a white-label monetization/fundraising SDK. I’m still investigating and considering whether this is worth adding to MalExt. At this point I don’t have evidence of malware, credential theft, or anything overtly malicious just a significant expansion of functionality in a 2M-user extension. Curious what others think. Is this a transparency/privacy concern, or just a normal extension monetization model? Any opinions or prior research on Give Freely / Wildlink would be appreciated so i can added to malext.io submitted by /u/Huge-Skirt-6990 [link] [comments]Technical Information Security Content & DiscussionRead More