[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

ShieldF

Version 1.0.1 View in Chrome Web Store

Last scanned: about 3 hours ago

Extension Details

Rating: 5.0 ★

Users: 79

Context-Aware Verdict

HIGH

Overall Risk

Trust Factors:

The extension has extremely limited trust indicators with only 79 users and no visible author or developer information. The lack of transparency regarding the developer's identity is concerning. The perfect 5.0 rating appears suspicious given the minimal user base and could indicate artificial inflation. The generic name "ShieldF" provides no clear indication of the extension's actual purpose or functionality.

Concerns:

The extension demonstrates classic characteristics of potentially malicious software. The combination of tabs permission with broad content script injection (*://*/*) creates a powerful surveillance capability that can monitor and manipulate all web browsing activity. The absence of any clear description makes it impossible to justify why such extensive permissions would be necessary. The developer's anonymity combined with these invasive permissions raises significant red flags about the extension's true intentions.

Recommendations:

Do not install this extension. The risk-to-benefit ratio is extremely unfavorable given the lack of clear functionality description and the extensive permissions requested. If you have already installed it, remove it immediately and consider running a security scan. The combination of anonymous development, minimal user base, broad permissions, and lack of clear purpose suggests this could be malware disguised as a legitimate extension. Consider reporting this extension to Chrome Web Store for review.

Findings

HIGH

Broad Content Script Injection

This extension can inject scripts into any website. This means it could potentially read sensitive data, modify website content, or steal credentials.

HIGH

High-Risk Permission: tabs

This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.

Raw Manifest

{
  "name": "ShieldF",
  "icons": {
    "16": "images/ShieldF_icon-16.png",
    "32": "images/ShieldF_icon-32.png",
    "48": "images/ShieldF_icon-48.png",
    "128": "images/ShieldF_icon-128.png"
  },
  "action": {
    "default_icon": "images/ShieldF_icon.png",
    "default_popup": "popup.html"
  },
  "author": "MA Bermejo-Agueda",
  "version": "1.0.1",
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "ShieldF reduces user fingerprinting when browsing by misinforming OS, browser and hardware attributes/properties of the device",
  "permissions": [
    "tabs",
    "scripting"
  ],
  "content_scripts": [
    {
      "js": [
        "./content.js"
      ],
      "run_at": "document_start",
      "matches": [
        "*://*/*"
      ]
    }
  ],
  "manifest_version": 3,
  "content_security_policy": {},
  "web_accessible_resources": [
    {
      "matches": [
        "<all_urls>"
      ],
      "resources": [
        "script.js"
      ]
    }
  ],
  "converted_from_user_script": true
}

by ✦ Astarte

ShieldF

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Embedded URLs (1 total):

Raw Manifest

Detections

Manifest Findings