Couldnt you do a scan to check if their plug-in has some kind of trojan or another type of malware? That would be a major evidence of scam.

Thanks for pointing me towards that thread
I've just filled in an abuse report, but in order to rate that extension, it seems i would need to re-install it before i can review it...

I'm always running chrome portable, and i've completely deleted all packages belonging to the "infected" chrome installation and re-downloaded a clean chrome portable package...

I'm actually wondering wether or not a chrome extension would ever be able to actually read and write data from/to the actual filesystem (and not just the "jail" created by chrome)... If an extension can only function within chrome, deleting chrome and resetting all passwords that were saved in chrome would suffice. If an extension has r/w access to the filesystem, i'd actually have to empty out all wallets on my system, reset all passwords in my keepass and format my complete harddisk... A daunting task to say the least..

I was actually able to download the plugin's sourcecode in case somebody is interested/willing to see what it actually does

I've sent you a PM, i didn't want to post a link to a scam plugin out in the open... If somebody else wants the sourcecode, let me know and i'll send it to you in a PM

As for the security... Yeah, i'd probably have to switch to firefox sooner or later... I'm using chrome because i do own a ledger and a trezor, and both have apps that run as a chrom(e)(ium) plugin, plus chrome always has a recent version available @ portableapps...