CRXaminer

Version 1.1.15

Last scanned: about 22 hours ago

Extension Details

Context-Aware Verdict

Overall Risk: MEDIUM
Trust Factors: This extension appears to be designed for Caixa Econômica Federal, a major Brazilian government bank, based on the domain permissions. However, several concerning factors reduce trust: the extension has no visible name, description, author information, user count, or ratings. The lack of basic metadata suggests this may be an internal or unofficial extension that hasn't gone through proper Chrome Web Store validation processes.
Concerns:
- Missing critical metadata (name, description, author, user count) raises authenticity questions
- Native messaging permission allows communication with external applications on the user's computer, which could be exploited
- Unlimited storage permission enables the extension to consume excessive disk space
- Manifest V2 usage indicates outdated security standards
- Broad domain access to multiple Caixa subdomains increases attack surface
- Localhost access could interfere with local development environments
Recommendations: Given the banking context and missing metadata, exercise extreme caution. Verify this extension's legitimacy directly with Caixa Econômica Federal before installation. If you must use it, consider running it in a separate Chrome profile dedicated solely to banking activities. Monitor your system for unusual behavior and regularly clear the extension's stored data. Consider seeking an official, properly documented alternative from Caixa's official channels. The combination of banking access and native messaging capabilities makes this particularly sensitive.

Findings

MEDIUM
Medium-Risk Permission: storage
This extension has the storage permission. Can store data locally.

MEDIUM
Medium-Risk Permission: unlimitedStorage
This extension has the unlimitedStorage permission. Can store unlimited data locally.

MEDIUM
Older Manifest Version
This extension uses Manifest Version 2, which has fewer security restrictions than Manifest V3. Consider using extensions that have upgraded to V3.