Extension Details
Context-Aware Verdict
The extension appears to be developed by aardexgroup.com, but critical trust indicators are missing - there's no information about download count, user ratings, or last update date. The empty description field is concerning as it provides no context about the extension's purpose or functionality. The lack of transparency about what "MEMS Reader" actually does raises questions about the developer's communication practices.
The extension requests extensive hardware access permissions including USB and HID device access, along with serial port communication capabilities. These permissions are particularly sensitive as they allow direct hardware interaction with specific vendor devices (vendor IDs 4292 and 8263). While the notifications permission alone is medium-risk, the combination with hardware access permissions creates a more significant security profile. The use of Manifest V2 means the extension operates under less restrictive security controls compared to modern V3 extensions.
Given the hardware-focused nature and lack of transparency, consider running this extension in a separate Chrome profile to isolate potential risks. Only install if you specifically need to interact with MEMS (Micro-Electro-Mechanical Systems) devices from the specified vendors. Verify the extension's legitimacy through the developer's official website before installation. Monitor system behavior after installation and remove immediately if any unexpected hardware interactions occur. Consider seeking alternative extensions with better documentation and transparency if available.
Findings
Security Analysis Details
Required Permissions:
- usb
- hid
- {:usbDevices=>[{:vendorId=>4292, :productId=>33332}, {:vendorId=>8263, :productId=>2477}]}
- serial
- notifications
Embedded URLs (9 total):
| http://www.mwvaardex.com/ | http://jqueryui.com | |
| http://jqueryui.com/themeroller/?ffDefault=Verdana%2CArial%2Csans-serif&fwDefault=normal&fsDefault=1.1em&cornerRadius=4px&bgColorHeader=cccccc&bgTextureHeader=highlight_soft&bgImgOpacityHeader=75&borderColorHeader=aaaaaa&fcHeader=222222&iconColorHeader=222222&bgColorContent=ffffff&bgTextureContent=flat&bgImgOpacityContent=75&borderColorContent=aaaaaa&fcContent=222222&iconColorContent=222222&bgColorDefault=e6e6e6&bgTextureDefault=glass&bgImgOpacityDefault=75&borderColorDefault=d3d3d3&fcDefault=555555&iconColorDefault=888888&bgColorHover=dadada&bgTextureHover=glass&bgImgOpacityHover=75&borderColorHover=999999&fcHover=212121&iconColorHover=454545&bgColorActive=ffffff&bgTextureActive=glass&bgImgOpacityActive=65&borderColorActive=aaaaaa&fcActive=212121&iconColorActive=454545&bgColorHighlight=fbf9ee&bgTextureHighlight=glass&bgImgOpacityHighlight=55&borderColorHighlight=fcefa1&fcHighlight=363636&iconColorHighlight=2e83ff&bgColorError=fef1ec&bgTextureError=glass&bgImgOpacityError=95&borderColorError=cd0a0a&fcError=cd0a0a&iconColorError=cd0a0a&bgColorOverlay=aaaaaa&bgTextureOverlay=flat&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=aaaaaa&bgTextureShadow=flat&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px | http://jqueryui.com/themeroller/?ffDefault=Verdana%2CArial%2Csans-serif&fwDefault=normal&fsDefault=1.1em&cornerRadius=4px&bgColorHeader=%23cccccc&bgTextureHeader=dots_medium&bgImgOpacityHeader=75&borderColorHeader=%23aaaaaa&fcHeader=%23003c69&iconColorHeader=%23003c69&bgColorContent=%23ffffff&bgTextureContent=flat&bgImgOpacityContent=75&borderColorContent=%23aaaaaa&fcContent=%23222222&iconColorContent=%23003c69&bgColorDefault=%23e6e6e6&bgTextureDefault=glass&bgImgOpacityDefault=75&borderColorDefault=%23d3d3d3&fcDefault=%23555555&iconColorDefault=%23003c69&bgColorHover=%23dadada&bgTextureHover=glass&bgImgOpacityHover=75&borderColorHover=%23999999&fcHover=%23003c69&iconColorHover=%23003c69&bgColorActive=%23ffffff&bgTextureActive=glass&bgImgOpacityActive=65&borderColorActive=%23aaaaaa&fcActive=%23003c69&iconColorActive=%23003c69&bgColorHighlight=%23fbf9ee&bgTextureHighlight=glass&bgImgOpacityHighlight=55&borderColorHighlight=%23fcefa1&fcHighlight=%23003c69&iconColorHighlight=%23003c69&bgColorError=%23f2dede&bgTextureError=glass&bgImgOpacityError=95&borderColorError=%23b94a48&fcError=%23800&iconColorError=%23800&bgColorOverlay=%23003c69&bgTextureOverlay=flat&bgImgOpacityOverlay=0&opacityOverlay=30&bgColorShadow=%23003c69&bgTextureShadow=flat&bgImgOpacityShadow=0&opacityShadow=30&thicknessShadow=8px&offsetTopShadow=-8px&offsetLeftShadow=-8px&cornerRadiusShadow=8px | |
| https://github.com/imaya/zlib.js | http://modernizr.com/download/#-canvas-touch-cssclasses-teststyles-prefixes-load | |
| https://iadherence.aardexgroup.com/php/indirection/betaindirs/qcpost/json/ | https://betaauth.aardexgroup.com:8444 | |
| https://clients2.google.com/service/update2/crx |
Raw Manifest
{ "app": { "background": { "page": "index.html" } }, "name": "__MSG_appName__", "icons": { "16": "icons/16-icon.png", "128": "icons/128-icon.png" }, "version": "0.4.2.2", "short_name": "__MSG_appShortName__", "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_appDescription__", "permissions": [ "usb", "hid", { "usbDevices": [ { "vendorId": 4292, "productId": 33332 }, { "vendorId": 8263, "productId": 2477 } ] }, "serial", "notifications" ], "default_locale": "en", "offline_enabled": true, "manifest_version": 2, "externally_connectable": { "ids": [ "*" ] } }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.