Closed Bug 1552594 Opened 6 years ago Closed 6 years ago

Extension Block Request: Google Translate

Categories

(Toolkit :: Blocklist Policy Requests, task)

task
Not set
normal

Tracking

()

RESOLVED INVALID

People

(Reporter: heavenepic, Assigned: Fallen)

Details

Extension name Google Translate
Extension versions affected 1.2
Platforms affected <all platforms>
Block severity hard

Reason

Kaspersky reports this extension as malware and it sometimes spikes my CPU to 100%. When I tried to inspect the javascript code, it seems to be heavily obfuscated so I am not able to understand its logic. But for what it is doing (adding search google translate option to right click menu), the code shouldn't be much complicated. Plus the author claims it was "developed by the Google Translator team". I highly doubt that.

Extension IDs

{f959a2e9-f211-424b-b0cd-ea7ecf269753}
Assignee: nobody → philipp
Status: UNCONFIRMED → ASSIGNED
Type: defect → task
Ever confirmed: true

From a brief look I haven't been able to identify anything obviously malicious. Can you provide further information on what Kaspersky says, e.g. which file is an issue? Also, can you confirm version 1.2 is the one you have installed?

Flags: needinfo?(heavenepic)

I installed the latest so it should be version 1.2.
I've already uninstalled it but Kaspersky is reporting 1) "code injection" from unknown source (or something like that) and 2) sending pings to malicious domain.

Flags: needinfo?(heavenepic)

Ok, I've gone through this add-on and others like it. It seems these are copied from an add-on on the Chrome Store. There is indeed a script injection, though it does not seem like the policies are intentionally violated. For this reason I'm handling this via a standard rejection instead.

I'd suggest to look for a different translation add-on that handles translation. Thanks for the report!

Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → INVALID
Group: blocklist-requests
You need to log in before you can comment on or make changes to this bug.