YouTube 增強器™:新佈局、視頻下載器及更多功能在2026-03-13 被檢舉,因為:惡意軟體
claude 4.6 sonnet says,
Do not install this script. It is malware. Here's what I found:
Critical Security Issues
1. Remote Code Execution Backdoor (Line 11113-11156) — The most dangerous part
javascript
Every time the script runs (up to 15 times/day), it contacts staticj.top and eval()s whatever code the server returns. This gives the server owner full control to execute arbitrary JavaScript in your browser with complete userscript privileges — at any time, without any update to the script file itself.
2. Affiliate Link Hijacking (Lines 11249-11266)
On shopping sites, the script silently rewrites every tag on the page to inject tracking parameters, stealing affiliate commissions from original links.
3. Shopping Surveillance & Forced Redirects (Lines 11271-11303)
Contacts oversea.mimixiaoke.com to decide whether to inject tracking on shopping/crypto sites — including Binance, Coinbase, Kraken, OKX, cloud hosting providers, and e-commerce platforms. Can also forcibly redirect your browser (window.location.href = target.rpl).
4. Completely Hidden Functionality
Despite being called a "YouTube Enhancer", the script embeds a full shopping coupon, price comparison, and affiliate tracking system that runs across AliExpress, Amazon, Shopee, Lazada, eBay, eBay, crypto exchanges, etc. This functionality is deliberately hidden from the description.
Summary
This script is a trojan — the YouTube UI improvements are real and used as cover, but the script contains a remote code execution backdoor tied to staticj.top. Anyone who controls that domain can push and execute any code in your browser at any time. Delete this file and don't install it.
Pedro Vik(檢舉的使用者)有:
此檢舉已被管理員覈實,但管理員標記的原因是 未允許的外部代碼。