Starting analysis...
Popup Blocker - Blocks annoying Popups
Version 1.0.17 View in Chrome Web Store
Extension Details
Context-Aware Verdict
The extension has a moderate user base of 100,000 users and a decent rating of 3.9/5, suggesting some level of user acceptance. However, the relatively low number of reviews (87) compared to the user count raises questions about engagement authenticity. The developer domain "popupsblocker.org" appears purpose-built for this extension, but lacks established company reputation or transparency about the development team.
The extension requests extremely broad permissions that far exceed what's necessary for basic popup blocking. The combination of tabs permission, broad host permissions (<all_urls>), and content script injection across all websites creates a powerful surveillance capability. Most legitimate popup blockers operate through declarativeNetRequest rules without needing such extensive access. The unlimitedStorage permission is particularly concerning as it could enable large-scale data collection. The broad content script injection capability means this extension can read all data on every website you visit, including passwords, personal information, and financial data.
Consider running this extension in a separate Chrome profile dedicated to non-sensitive browsing if you must use it. Better alternatives would be established popup blockers with more limited permissions, or using Chrome's built-in popup blocking features. If keeping this extension, regularly audit what data it might be collecting and avoid using it while accessing sensitive websites like banking or email services.
Findings
Security Analysis Details
Required Permissions:
- tabs
- storage
- scripting
- declarativeNetRequest
- declarativeNetRequestWithHostAccess
- unlimitedStorage
Host Permissions:
- <all_urls>
Content Security Policy:
- extension_pages: script-src 'self'; object-src 'self'
Embedded URLs (7 total):
| https://clients2.google.com/service/update2/crx | https://popupsblocker.org/json.php?c= | |
| https://popupsblocker.org/redirectblock.php? | https://popupsblocker.org/customrules.php? | |
| https://popupsblocker.org/uninstall.php? | https://chrome.google.com/webstore/detail/ | |
| https://microsoftedge.microsoft.com/addons/detail/ |
Raw Manifest
{ "name": "__MSG_appName__", "icons": { "128": "128.png" }, "version": "1.0.17", "background": { "service_worker": "sw.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_appDesc__", "permissions": [ "tabs", "storage", "scripting", "declarativeNetRequest", "declarativeNetRequestWithHostAccess", "unlimitedStorage" ], "default_locale": "en", "content_scripts": [ { "js": [ "cs.js" ], "run_at": "document_start", "matches": [ "*://*/*" ], "all_frames": false, "match_about_blank": true } ], "host_permissions": [ "<all_urls>" ], "manifest_version": 3, "content_security_policy": { "extension_pages": "script-src 'self'; object-src 'self'" }, "web_accessible_resources": [ { "matches": [ "<all_urls>" ], "resources": [ "web-accessible-resources/*", "close.html", "128.png" ], "use_dynamic_url": true } ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.