Translate - Translator, Dictionary, TTSSecurity Analysis

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

Dynamically creates script elements, potentially loading external malicious code.

Listens for keyboard events, a common technique used by keyloggers.

JavaScript files are accessible to ALL websites. Any page can load and interact with these scripts, enabling web→extension attacks.

Sends messages via Chrome runtime, could communicate with external services.

Decodes base64 data, commonly used to hide malicious payloads.

Makes HTTP requests to external servers, may be used for data exfiltration.

Uses XMLHttpRequest to make network calls.

Fetches external URL: https://backenster.com/api/app/config

Line exceeds 5000 characters (entropy: 5.14053971472386)

Template injection leading to XSS

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

Extension uses tab tracking APIs (onUpdated/query) and communicates with external servers — potential browsing surveillance.

Sets innerHTML directly, which can lead to XSS if used with untrusted data.

js/lib/jquery-3.4.1.min.js

js/lib/jquery-ui.min.js

js/lib/mustache.min.js

js/lib/purify.min.js

js/translate.js