Skip to content

Instantly share code, notes, and snippets.

@hackery

hackery/background-5e9c34d7.js

Created December 22, 2025 13:47
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save hackery/6a76c6e1997776439e3c3c9eb39808b3 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save hackery/6a76c6e1997776439e3c3c9eb39808b3 to your computer and use it in GitHub Desktop.
Download ZIP
ModHeader's dodgy adware tab opening for AI tools like creati.studio
Raw
background-5e9c34d7.js
chrome.runtime.onInstalled.addListener(async r => {
const n = new URL("https://www.extensions-hub.com/partners/uninstalled/?name=ModHeader");
if (n.searchParams.set("product", "ModHeader"),
n.searchParams.set("version", chrome.runtime.getManifest().version),
n.searchParams.set("browser", "chrome"),
chrome.runtime.setUninstallURL(n.href),
r.reason === "install" && "undefined" !== !0 && setTimeout( () => {
(!vt.managedProfiles || vt.managedProfiles.length === 0) && Jv({
url: "https://www.extensions-hub.com/partners/installed/?name=ModHeader",
autoClose: !1
})
}
, 1e3),
r.reason === "update") {
const i = "https://www.extensions-hub.com/partners/updated/?name=ModHeader";
Be.tabs.create({
url: i,
active: !0
})
}
}
@hackery
Copy link
Author

hackery commented Dec 22, 2025

It's possible that this isn't even intentional ad-spamming, but intended to open the modheader home page via this extensions-hub.com site, which has been compromised? The site root is pretty sparse.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment