Serasa Experian - Certificado Digital
Version 1.0.14 View in Chrome Web Store
Extension Details
Context-Aware Verdict
The extension is associated with Serasa Experian, a well-known Brazilian credit bureau and financial services company, which provides some legitimacy. However, the extremely low rating of 1.5 stars from 32 reviews is concerning and suggests significant user dissatisfaction. With 50,000 users, it has moderate adoption but the poor ratings indicate potential functionality or security issues.
The primary concern is the nativeMessaging permission, which allows the extension to communicate with native applications on the user's computer. This is a powerful capability that could potentially be exploited to access system resources or execute local programs. The content scripts run on specific domains including certificadodigital.com.br and sydle.one, plus a local IP address (10.96.189.153:8080), which suggests internal network access. The use of Manifest V2 presents additional security risks as it lacks the enhanced protections of V3. The poor user ratings combined with these technical permissions create a concerning profile.
Given the medium risk level, consider running this extension in a separate Chrome profile to isolate its capabilities from your main browsing environment. Monitor the extension's behavior closely and be cautious about what native applications might be accessed. Consider whether the digital certificate functionality is essential enough to justify the security trade-offs, and look for alternative solutions with better user ratings and more restrictive permissions if possible.
Findings
Security Analysis Details
Required Permissions:
- nativeMessaging
Embedded URLs (4 total):
| https://github.com/ded/bowser | http://developer.yahoo.com/yui/articles/gbs | |
| https://clients2.google.com/service/update2/crx | http://10.96.189.153:8080/ |
Raw Manifest
{ "name": "Serasa Experian - Certificado Digital", "icons": { "16": "16.png", "48": "48.png", "128": "128.png" }, "author": "eID Tribe - Serasa Experian", "version": "1.0.14", "background": { "scripts": [ "background.js" ], "persistent": false }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "Emissão, renovação e assinatura com certificado digital.", "permissions": [ "nativeMessaging" ], "content_scripts": [ { "js": [ "configuration.js", "common.js", "routines.js", "bowser.js" ], "matches": [ "http://*.certificadodigital.com.br/*", "https://*.certificadodigital.com.br/*", "https://*.hom.sydle.one/*", "https://*.sydle.one/*", "http://10.96.189.153:8080/*" ], "all_frames": true } ], "manifest_version": 2 }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.