[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

Kaspersky Protection 17.0

Version 5.0.141.5 View in Chrome Web Store

Last scanned: about 12 hours ago

Extension Details

Rating: 3.7 ★ (250 ratings)

Users: 60,000

Context-Aware Verdict

MEDIUM

Overall Risk

Trust Factors:

Kaspersky is a well-established cybersecurity company with global recognition, which adds credibility to this extension. However, the moderate user base of 60,000 and average rating of 3.7 suggest mixed user experiences. The lack of recent update information and missing developer details in the listing are concerning for a security-focused extension.

Concerns:

The most significant concern is the use of 'unsafe-eval' in the Content Security Policy, which allows dynamic JavaScript execution and creates potential attack vectors that malicious actors could exploit. This is particularly problematic for a security extension that should maintain the highest security standards. The extension uses the older Manifest V2, which has weaker security controls compared to V3. The nativeMessaging permission allows communication with native applications on your system, which could be a privacy concern if compromised. Content scripts running on all HTTP/HTTPS sites provide broad access to web pages you visit.

Recommendations:

Consider running this extension in a separate Chrome profile to isolate potential risks from your main browsing environment. Monitor for updates that might address the unsafe-eval issue and migrate to Manifest V3. Given Kaspersky's reputation, contact their support to inquire about security improvements and update timelines. Consider alternative security extensions that use Manifest V3 and don't require unsafe JavaScript evaluation if security is your primary concern.

Findings

HIGH

Unsafe JavaScript Evaluation

This extension's Content Security Policy allows 'unsafe-eval', which permits dynamic JavaScript code execution using eval() and similar functions. This is a significant security risk as it could allow execution of malicious code.

MEDIUM

Medium-Risk Permission: storage

This extension has the storage permission. Can store data locally.

MEDIUM

Older Manifest Version

This extension uses Manifest Version 2, which has fewer security restrictions than Manifest V3. Consider using extensions that have upgraded to V3.

Raw Manifest

{
  "name": "__MSG_ExtensionName__",
  "icons": {
    "16": "images/icon_16.png",
    "32": "images/icon_32.png",
    "48": "images/icon_48.png",
    "64": "images/icon_64.png",
    "128": "images/icon_128.png"
  },
  "version": "5.0.141.5",
  "background": {
    "page": "/background/main.html"
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "__MSG_ExtensionDescription__",
  "permissions": [
    "nativeMessaging",
    "storage"
  ],
  "browser_action": {
    "default_icon": {
      "19": "images/button/inactive_19.png",
      "38": "images/button/inactive_38.png"
    },
    "default_popup": "/popup/offline_popup.html",
    "default_title": "__MSG_ToolbarButtonText__"
  },
  "default_locale": "en",
  "content_scripts": [
    {
      "js": [
        "/common/defaults.js",
        "/common/tracing.js",
        "/content/content_plugin.js",
        "/content/api_injection.js",
        "/content/product_info.js",
        "/content/script_injection.js",
        "/snapshot/script.main.js"
      ],
      "run_at": "document_start",
      "matches": [
        "http://*/*",
        "https://*/*"
      ],
      "all_frames": true
    }
  ],
  "manifest_version": 2,
  "content_security_policy": "script-src 'self' 'unsafe-eval'; connect-src 'self' https://*.scr.kaspersky-labs.com wss://*.scr.kaspersky-labs.com; object-src 'self'"
}

by ✦ Astarte

Kaspersky Protection 17.0

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Content Security Policy:

Embedded URLs (2 total):

Raw Manifest

Detections

Manifest Findings