WAbulk: Whatsapp Bulk Message Sender
Version 1.0.5 View in Chrome Web Store
Last scanned: about 2 hours ago
Extension Details
Developer:
https://premiumrocketsender.com/
Rating:
5.0 ★
(44 ratings)
Users:
288
Context-Aware Verdict
This section provides a Claude-based AI analysis that applies additional context to the risk. Results are not guaranteed to be accurate.
HIGH
Overall Risk
Trust Factors:
The extension has a perfect 5.0 rating from 44 reviews, which suggests user satisfaction. However, the extremely low user count of only 288 users raises concerns about limited real-world testing. The developer website (premiumrocketsender.com) appears to be a commercial service, but the low adoption rate and lack of established reputation create uncertainty about the developer's credibility.
Concerns:
The cookies permission is particularly concerning for a WhatsApp bulk messaging tool, as it's unnecessary for the extension's stated functionality and could be used to access sensitive authentication data. The broad host permissions combined with content script injection into WhatsApp Web creates potential for data harvesting or account compromise. The extension's ability to send bulk messages could facilitate spam or harassment, potentially violating WhatsApp's terms of service and risking account suspension.
Recommendations:
Consider running this extension in a separate Chrome profile to isolate potential risks from your main browsing session. Before installation, verify that bulk messaging aligns with WhatsApp's current terms of service to avoid account penalties. Monitor the extension's behavior closely and revoke permissions if any suspicious activity occurs. Given the high-risk permissions and low user base, consider alternative bulk messaging solutions with better security track records and larger user communities for validation.
Findings
This section provides a detailed analysis of the extension's security posture, without broader context. Assumes worst-case impact.
HIGH
Broad Host Permissions
This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.
HIGH
High-Risk Permission: cookies
This extension has the cookies permission. Can access and modify browser cookies. This could potentially be used maliciously to compromise security or privacy.
MEDIUM
Medium-Risk Permission: storage
This extension has the storage permission. Can store data locally.
Security Analysis Details
Required Permissions:
- storage
- cookies
- https://premiumrocketsender.com/
- alarms
Host Permissions:
- https://premiumrocketsender.com/*
Embedded URLs (138 total):
| http://purl.org/dc/elements/1.1/ | http://creativecommons.org/ns# | |
| http://www.w3.org/1999/02/22-rdf-syntax-ns# | http://www.w3.org/2000/svg | |
| http://purl.org/dc/dcmitype/StillImage | https://npms.io/search?q=ponyfill. | |
| http://getbootstrap.com | https://github.com/twbs/bootstrap/blob/master/LICENSE | |
| https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css | http://momentjs.com/guides/#/warnings/define-locale/ | |
| http://momentjs.com/guides/#/warnings/js-date/ | http://momentjs.com/guides/#/warnings/min-max/ | |
| http://momentjs.com/guides/#/warnings/add-inverted-param/ | http://momentjs.com/guides/#/warnings/zone/ | |
| http://momentjs.com/guides/#/warnings/dst-shifted/ | http://purl.org/dc/terms/ | |
| http://purl.org/dc/dcmitype/ | http://schemas.microsoft.com/office/mac/excel/2008/main | |
| http://schemas.openxmlformats.org/officeDocument/2006/relationships | http://schemas.openxmlformats.org/package/2006/sheetjs/core-properties | |
| http://schemas.openxmlformats.org/officeDocument/2006/docPropsVTypes | http://www.w3.org/2001/XMLSchema-instance | |
| http://www.w3.org/2001/XMLSchema | http://schemas.openxmlformats.org/spreadsheetml/2006/main | |
| http://purl.oclc.org/ooxml/spreadsheetml/main | http://schemas.microsoft.com/office/excel/2006/main | |
| http://schemas.microsoft.com/office/excel/2006/2 | http://www.w3.org/TR/REC-html40 | |
| http://schemas.openxmlformats.org/package/2006/content-types | http://schemas.openxmlformats.org/officeDocument/2006/relationships/officeDocument | |
| http://sheetjs.openxmlformats.org/officeDocument/2006/relationships/officeDocument | http://schemas.openxmlformats.org/officeDocument/2006/relationships/hyperlink | |
| http://schemas.openxmlformats.org/officeDocument/2006/relationships/vmlDrawing | http://schemas.openxmlformats.org/officeDocument/2006/relationships/externalLinkPath | |
| http://schemas.microsoft.com/office/2006/relationships/xlExternalLinkPath/xlPathMissing | http://schemas.openxmlformats.org/officeDocument/2006/relationships/externalLink | |
| http://schemas.microsoft.com/office/2006/relationships/vbaProject | http://schemas.openxmlformats.org/package/2006/relationships | |
| http://docs.oasis-open.org/ns/office/1.2/meta/ | http://www.w3.org/1999/xlink | |
| http://schemas.openxmlformats.org/package/2006/metadata/core-properties | http://schemas.openxmlformats.org/package/2006/relationships/metadata/core-properties | |
| http://schemas.openxmlformats.org/officeDocument/2006/extended-properties | http://schemas.openxmlformats.org/officeDocument/2006/relationships/extended-properties | |
| http://schemas.openxmlformats.org/officeDocument/2006/custom-properties | http://schemas.openxmlformats.org/officeDocument/2006/relationships/custom-properties | |
| http://schemas.openxmlformats.org/officeDocument/2006/relationships/sharedStrings | http://schemas.openxmlformats.org/officeDocument/2006/relationships/styles | |
| http://schemas.openxmlformats.org/officeDocument/2006/relationships/theme | http://schemas.openxmlformats.org/drawingml/2006/main | |
| http://schemas.openxmlformats.org/officeDocument/2006/relationships/image | http://schemas.openxmlformats.org/officeDocument/2006/relationships/drawing | |
| http://schemas.openxmlformats.org/officeDocument/2006/relationships/comments | http://schemas.openxmlformats.org/officeDocument/2006/relationships/dialogsheet | |
| http://schemas.microsoft.com/office/2006/relationships/xlMacrosheet | http://schemas.openxmlformats.org/officeDocument/2006/relationships/worksheet | |
| http://purl.oclc.org/ooxml/officeDocument/relationships/worksheet | http://schemas.openxmlformats.org/officeDocument/2006/relationships/chart | |
| http://schemas.microsoft.com/office/2014/relationships/chartEx | http://schemas.openxmlformats.org/officeDocument/2006/relationships/chartsheet | |
| http://www.w3.org/1998/Math/MathML | http://openoffice.org/2004/office | |
| http://openoffice.org/2004/writer | http://openoffice.org/2004/calc | |
| http://www.w3.org/2001/xml-events | http://www.w3.org/2002/xforms | |
| http://openoffice.org/2005/report | http://www.w3.org/1999/xhtml | |
| http://www.w3.org/2003/g/data-view# | http://openoffice.org/2009/table | |
| http://openoffice.org/2010/draw | http://www.w3.org/TR/css3-text/ | |
| http://docs.oasis-open.org/ns/office/1.2/meta/pkg# | https://github.com/sliptree/bootstrap-tokenfield | |
| http://jsfiddle.net/ragulka/Dy9au/1/ | https://firebase.google.com/pricing/. | |
| https://webpack.js.org/configuration/resolve/#resolvemainfields | https://github.com/rollup/rollup-plugin-node-resolve | |
| https://us-central1-new-project-189.cloudfunctions.net | https://web.whatsapp.com |
Page 1 of 2
Raw Manifest
{ "name": "WAbulk: Whatsapp Bulk Message Sender", "icons": { "16": "img/icon16.png", "48": "img/icon48.png", "128": "img/icon128.png" }, "action": { "default_popup": "popup.html", "default_title": "Premium Rocket Sender" }, "version": "1.0.5", "background": { "service_worker": "background/service-worker.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "WAbulk, WhatsApp bulk message sender helps you send personalized WhatsApp messages to multiple contacts directly from your browser.", "permissions": [ "storage", "cookies", "https://premiumrocketsender.com/", "alarms" ], "content_scripts": [ { "js": [ "libs/jquery/jquery.min.js", "libs/papaparse/papaparse.min.js", "libs/loadash/loadash.min.js", "libs/firebase/firebase.js", "libs/firebase/firebase-storage.js", "libs/moment/moment.min.js", "libs/moment/moment-duration-format.min.js", "libs/chatbot/index.js", "common/chrome-msging.js", "content/selectors.js", "common/analytics.js", "common/storage.js", "common/utility.js", "libs/libphonenumber/libphonenumber.js", "libs/xlsx/xlsx.full.min.js", "content/groupsui.js", "content/templatesui.js", "content/ui.js", "content/firebaseconfig.js", "content/dom-channel/common.js", "content/dom-channel/dom-channel.js", "content/content-libhook.js", "content/content.js" ], "matches": [ "*://web.whatsapp.com/*" ] } ], "host_permissions": [ "https://premiumrocketsender.com/*" ], "manifest_version": 3, "web_accessible_resources": [ { "matches": [ "*://web.whatsapp.com/*" ], "resources": [ "css/lib.css", "/img/*", "libs/jquery/jquery.min.js", "libs/loadash/loadash.min.js", "content/lib-hooks/libhook-selectors.js", "content/dom-channel/dom-channel.js", "content/lib-hooks/store.js", "content/lib-hooks/utils.js", "content/lib-hooks/fl.js", "content/lib-hooks/libhook-listeners.js", "content/lib-hooks/local-storage.js", "content/lib-hooks/lib-hook.js", "content/dom-channel/common.js", "content/lib-hooks/libhook-model.js", "content/lib-hooks/privacy-function.js", "content/lib-hooks/libhook-content.js" ] } ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
Loading Secure Annex data...
Unable to load Secure Annex data.
This extension may not yet be analyzed by Secure Annex.
Detections
0Critical
0
High
0
Medium
0
Low
0
Has Verdicts
Yes
Manifest Findings
0Critical
0
High
0
Medium
0
Low
0
Secure Annex analyzed version: -