The Honey browser extension was developed by the payment company PayPal. The main function of this extension is to help users provide coupons when browsing some websites. Many users have installed this extension with the help of the coupon function.
Earlier, the Honey extension was found to have malicious behavior: regardless of whether the user reached a specific website through Honey, Honey would hijack user traffic and add its own rebate links (affiliate links) during checkout.
For example, website A promotes a product through a certain KOL. When the user clicks on the product link, the original rebate link should belong to the KOL. However, if the user installs the Honey extension, the rebate link will be modified to Honey.
In other words, Honey hijacked the advertising revenue that originally belonged to KOL without the user's consent and without contributing to website A. This behavior is obviously fraud.
Google updated its Chrome ad extension rules today to clarify that this behavior is not allowed:
Affiliate links, code or cookies may only be included if the extension provides a direct and transparent user benefit related to its core functionality. Affiliate links are not allowed to be inserted without relevant user action and without providing tangible benefits to the user.
Common violations include: inserting affiliate links without discounts, cashback, or donations; and extensions that continuously inject affiliate links in the background without requiring user action.
The YouTube MegaLag video exposing the Honey extension hijacking in January has been viewed more than 17 million times, but MegaLag said the second part of his video should have been released weeks ago and because there was a lot going on behind the scenes, most of which cannot be revealed now.
Judging from what MegaLag said, it seems to have been under some kind of pressure. It is unknown whether PayPal contacted the creator and prevented the creator from continuing to post other videos about Honey hijacking user traffic.