It's inserting fake search results and running a keystroke monitor. To me this isn't even a close call; of course it's malware. I would also say that any developer who would do this simply can't be trusted; if he will do this, he might do just about anything else. He doesn't seem to have any regard for others.
a hell of a lot of chrome extensions inject adverts and other tracking code into websites you visit, like Facebook and youtube. would you class those extensions as malware as well?
I would, but that then means that the chrome web store is riddled with malware which isn't a nice thought and doesn't bode well for its future as something that is supposed to be more secure than traditional native platforms.
Considering that Google search result ads are riddled with malware* and Google AdSense ads are riddled with malware and that Google Play has numerous ongoing issues with Android malware, I don't think it's really surprising that the Google Chrome Extensions store is also riddled with malware.
* Which my mother confirmed JUST THIS WEEKEND by searching Google for Firefox and Spider Solitaire clicking one of the Google ads up top for each to get the download and... 2 hours of cleaning later and removing 18 different malware apps. Then just deciding it was faster to restore it to a factory image.
* * Which I'm trying to block one by one using the pitiful tools that Google makes available to block individual adsense advertisers.
