Image downloader - ImageyeSecurity Analysis

Extension intercepts network traffic and sends data externally — potential man-in-the-middle behavior.

Creates functions from strings, similar to eval(), often used to hide malicious code.

Dynamically creates script elements, potentially loading external malicious code.

Injects and executes scripts in web pages programmatically.

Dynamically sets a script's src attribute to load external code at runtime.

Uses eval() to execute dynamic code, a common technique for obfuscation and code injection.

Creates a function from a string (new Function()), similar to eval().

Uses eval() to execute dynamic code — a common vector for code injection.

Decodes base64 data, commonly used to hide malicious payloads.

Makes HTTP requests to external servers, may be used for data exfiltration.

Sends messages via Chrome runtime, could communicate with external services.

Modifies window.location to redirect the user, potentially to phishing or malicious pages.

Fetches external URL: https://imageye.net/v1/gogather-supported

Line exceeds 5000 characters (entropy: 5.348068411838561)

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Sets innerHTML directly, which can lead to XSS if used with untrusted data.

Encodes data to base64, may be used for data exfiltration.

Creates a Web Worker, which runs code in a separate thread — can be used for background computation or crypto mining.