[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

Sybrin WebAssist

Version 1.0.0.7 View in Chrome Web Store

Last scanned: about 7 hours ago

Extension Details

Rating: 5.0 ★ (4 ratings)

Users: 1,000

Context-Aware Verdict

HIGH

Overall Risk

Trust Factors:

The extension has very limited trust indicators with only 1,000 users and just 4 ratings, despite a perfect 5.0 rating. The lack of developer information, company details, and last updated date raises transparency concerns. The name "Sybrin WebAssist" suggests it may be from Sybrin, a known identity verification company, but this cannot be confirmed without proper developer attribution.

Concerns:

The extension requests extremely broad permissions that are concerning for its apparent purpose. The combination of tabs permission with content script injection across all URLs creates a powerful surveillance capability. The nativeMessaging permission allows communication with local applications, which could facilitate data exfiltration. The broad host permissions (http://*/ and https://*//) combined with content script injection on all URLs means this extension can read and modify any website you visit, including banking sites, email, and other sensitive platforms. The use of outdated Manifest V2 provides fewer security protections.

Recommendations:

Given the high-risk profile, avoid installing this extension unless absolutely necessary for business purposes. If required, run it in a completely separate Chrome profile isolated from personal browsing. Verify the extension's legitimacy by contacting Sybrin directly through official channels. Consider alternative solutions that require fewer permissions. Monitor your accounts for unusual activity if you must use this extension.

Findings

HIGH

Broad Content Script Injection

This extension can inject scripts into any website. This means it could potentially read sensitive data, modify website content, or steal credentials.

HIGH

High-Risk Permission: tabs

This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.

MEDIUM

Medium-Risk Permission: activeTab

This extension has the activeTab permission. Can access the active tab when clicking the extension icon.

MEDIUM

Medium-Risk Permission: contextMenus

This extension has the contextMenus permission. Can add items to the context menu.

MEDIUM

Older Manifest Version

This extension uses Manifest Version 2, which has fewer security restrictions than Manifest V3. Consider using extensions that have upgraded to V3.

Raw Manifest

{
  "name": "Sybrin WebAssist",
  "icons": {
    "16": "icon16.png",
    "24": "icon24.png",
    "32": "icon32.png",
    "48": "icon48.png",
    "64": "icon64.png",
    "256": "icon256.png"
  },
  "author": "Sybrin Limited",
  "version": "1.0.0.7",
  "background": {
    "scripts": [
      "jquery-3.1.1.min.js",
      "background.js"
    ]
  },
  "short_name": "Sybrin WebAssist",
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "Launches and manages Sybrin WebAssist service.",
  "permissions": [
    "tabs",
    "activeTab",
    "nativeMessaging",
    "contextMenus",
    "http://*/",
    "https://*/"
  ],
  "browser_action": {
    "default_icon": "icon32.png"
  },
  "content_scripts": [
    {
      "js": [
        "content.js"
      ],
      "matches": [
        "<all_urls>"
      ],
      "all_frames": true
    }
  ],
  "manifest_version": 2
}

by ✦ Astarte

http://127.0.0.1:20401/api/app/shutdown	http://127.0.0.1:20401/default.html
http://127.0.0.1:20401/api/app/isrunning	https://clients2.google.com/service/update2/crx

Sybrin WebAssist

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Embedded URLs (4 total):

Raw Manifest

Detections

Manifest Findings