[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

Nufinetes

Version 1.4.2 View in Chrome Web Store

Last scanned: about 9 hours ago

Extension Details

Rating: 5.0 ★ (5 ratings)

Users: 137

Context-Aware Verdict

CRITICAL

Overall Risk

Trust Factors: This extension presents significant trust concerns. With only 137 users and a perfect 5.0 rating from just 5 reviews, the user base is extremely small and the rating sample is insufficient for reliable assessment. The lack of developer information, company details, and empty description field are major red flags that suggest this could be a malicious or abandoned extension.

Concerns: The extension requests an excessive combination of high-risk permissions that are concerning for an extension with no clear purpose. The ability to read and write clipboard data combined with broad content script injection across all websites creates a perfect storm for data theft. The tabs permission allows monitoring of browsing behavior, while unlimited storage could be used to exfiltrate large amounts of stolen data. The broad content script injection means this extension can access sensitive information on banking sites, email platforms, and any other website you visit.

Recommendations: Do not install this extension. The combination of missing developer information, unclear purpose, excessive permissions, and tiny user base strongly suggests malicious intent. If you have already installed it, remove it immediately and consider changing passwords for sensitive accounts. The risk-to-benefit ratio is unacceptable given the complete lack of transparency about the extension's functionality and developer identity.

Findings

HIGH

Broad Content Script Injection

This extension can inject scripts into any website. This means it could potentially read sensitive data, modify website content, or steal credentials.

HIGH

High-Risk Permission: clipboardRead

This extension has the clipboardRead permission. Can read clipboard content. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: clipboardWrite

This extension has the clipboardWrite permission. Can modify clipboard content. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: tabs

This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.

MEDIUM

Medium-Risk Permission: activeTab

This extension has the activeTab permission. Can access the active tab when clicking the extension icon.

MEDIUM

Medium-Risk Permission: storage

This extension has the storage permission. Can store data locally.

MEDIUM

Medium-Risk Permission: unlimitedStorage

This extension has the unlimitedStorage permission. Can store unlimited data locally.

Security Analysis Details

Required Permissions:

offscreen
storage
tabs
activeTab
unlimitedStorage
clipboardRead
clipboardWrite

Embedded URLs (349 total):

https://fonts.googleapis.com/css2?family=Readex+Pro:wght@200	https://reactjs.org/docs/error-decoder.html?invariant=
http://www.w3.org/1999/xlink	http://www.w3.org/XML/1998/namespace
http://www.w3.org/2000/svg	http://www.w3.org/1998/Math/MathML
http://www.w3.org/1999/xhtml	https://docs.swmansion.com/react-native-reanimated/docs/fundamentals/installation/
https://github.com/react-native-community/cli/blob/master/docs/autolinking.md	https://reactnavigation.org/docs/navigation-actions#navigate
https://reactnavigation.org/docs/navigating-without-navigation-prop#handling-initialization	https://reactnavigation.org/docs/nesting-navigators
https://reactnavigation.org/docs/getting-started	https://reactnavigation.org/docs/hello-react-navigation
https://reactnavigation.org/docs/configuring-links	https://reactnavigation.org/docs/use-focus-effect
https://reactnavigation.org/docs/stack-navigator#presentation	https://reactnavigation.org/docs/stack-navigator/#headershown
https://reactnavigation.org/docs/stack-navigator/#headermode	https://reactnavigation.org/docs/stack-navigator/#keyboardhandlingenabled
https://common.onekey-asset.com/chain/all.png	https://expo.dev
https://assets.nufinetes.com/profile/avatar	https://placehold.co/32@3x/1B2127/98A2B3/png?text=
https://reactnavigation.org/docs/bottom-tab-navigator#options	https://reactnavigation.org/docs/bottom-tab-navigator/#lazy
https://ramp.stably.io/?integrationId=vimworld-fb172080&tonetworks=ethereum&toassets=ojee	https://placehold.co/32@2x/6D767F/98A2B3/png?text=
https://www.vimworld.com/	https://api.blocknative.com/gasprices/blockprices
https://www.nufinetes.com/terms-of-use	https://www.nufinetes.com/privacy-policy
https://discord.gg/vimworld	https://nufinetes.com
https://api-common.nufinetes.com	https://open-api-testnet.vimworld.org
https://bnb-api.vimworld.com/v1	https://bnb-testnet-api-server.vimworld.org/v1
https://api-static.vimworld.com	https://bnb-testnet-api-static.vimworld.org
https://api.nufinetes.com	https://api.nufinetes.io
https://assets.nufinetes.com/networks/eth.png	https://mainnet.infura.io/v3/cc53a6d64371468dbf282768a9c4d538
https://mainnet.infura.io/v3/2aa8916050a54daab92a82ce73291730	https://cloudflare-eth.com
https://rpc.ankr.com/eth	https://rpc.flashbots.net
https://eth-mainnet.alchemyapi.io/v2/QKMdAyFAARxN-dEm_USOu8-u0klcBuTO	https://eth-mainnet.gateway.pokt.network/v1/lb/611156b4a585a20035148406
https://api.mycryptoapi.com/eth	https://eth-mainnet.gateway.pokt.network/v1/5f3453978e354ab992c4da79
https://eth.public-rpc.com	https://main-light.eth.linkpool.io
https://mainnet-eth.compound.finance	https://eth626892d.jccdex.cn
https://1rpc.io/eth	https://onekey-eth.rpc.blxrbdn.com
https://cn.etherscan.com/address/	https://cn.etherscan.com/block/
https://cn.etherscan.com/	https://cn.etherscan.com/tx/
https://etherscan.io/address/	https://etherscan.io/block/
https://etherscan.io/	https://etherscan.io/tx/
https://www.oklink.com/eth/address/	https://www.oklink.com/eth/block/
https://www.oklink.com/eth/	https://www.oklink.com/eth/tx/
https://assets.nufinetes.com/networks/btc.png	https://1rpc.io/btc
https://node.onekey.so/btc	https://btc1.trezor.io
https://api.nufinetes.com/nodes/btc	https://blockchair.com/bitcoin/address/
https://blockchair.com/bitcoin/block/	https://blockchair.com
https://blockchair.com/bitcoin/transaction/	https://assets.nufinetes.com/networks/polygon.png

Page 1 of 5

Raw Manifest

{
  "name": "Nufinetes",
  "icons": {
    "128": "icon-128.png"
  },
  "action": {
    "default_icon": "icon-34.png"
  },
  "version": "1.4.2",
  "background": {
    "type": "module",
    "service_worker": "background.bundle.js"
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "Cross Chain Wallet",
  "permissions": [
    "offscreen",
    "storage",
    "tabs",
    "activeTab",
    "unlimitedStorage",
    "clipboardRead",
    "clipboardWrite"
  ],
  "content_scripts": [
    {
      "js": [
        "content.bundle.js"
      ],
      "run_at": "document_start",
      "matches": [
        "<all_urls>"
      ],
      "all_frames": true,
      "injectImmediate": true
    },
    {
      "js": [
        "injected.js"
      ],
      "world": "MAIN",
      "run_at": "document_start",
      "matches": [
        "<all_urls>"
      ],
      "all_frames": true,
      "injectImmediate": true
    }
  ],
  "manifest_version": 3,
  "minimum_chrome_version": "111",
  "web_accessible_resources": [
    {
      "matches": [],
      "resources": [
        "icon-128.png",
        "icon-34.png"
      ]
    },
    {
      "matches": [
        "<all_urls>"
      ],
      "resources": [
        "injected.js",
        "*.bundle.js.map"
      ]
    },
    {
      "matches": [
        "<all_urls>"
      ],
      "resources": [
        "images/*"
      ]
    }
  ]
}

by ✦ Astarte

Nufinetes

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Embedded URLs (349 total):

Raw Manifest

Detections

Manifest Findings