[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

CFCA CryptoKit.ChinaTRC_V3 Extension

Version 3.4.0.6 View in Chrome Web Store

Last scanned: about 6 hours ago

Extension Details

Rating: 0.0 ★

Context-Aware Verdict

HIGH

Overall Risk

Trust Factors:

The extension appears to be developed by CFCA (China Financial Certification Authority) for cryptographic operations, which suggests legitimate enterprise use. However, several concerning factors undermine trust: no visible download count, no user ratings, missing developer information, and no recent update timestamp. The extension name suggests it's designed for specific Chinese financial/certification systems.

Concerns:

The most significant concern is the extensive list of host permissions targeting numerous internal IP addresses (10.x.x.x, 11.x.x.x, 172.x.x.x ranges) and the chinatrc.com.cn domain. This suggests the extension is designed for corporate network environments but grants access to dozens of specific internal servers. The nativeMessaging permission allows communication with local applications, which combined with the broad network access creates potential for significant system compromise. The lack of transparency regarding the developer and the absence of user feedback raises additional red flags about the extension's legitimacy and safety.

Recommendations:

Given the high-risk nature, only install this extension if you're certain it's required for legitimate business operations within a CFCA-managed environment. If installation is necessary, use a dedicated Chrome profile isolated from personal browsing. Verify the extension's authenticity through official CFCA channels before installation. Monitor network activity and consider restricting the extension's access through enterprise policies if possible.

Findings

HIGH

Broad Host Permissions

This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.

Security Analysis Details

Required Permissions:

nativeMessaging

Host Permissions:

http://10.10.20.37/*
https://10.10.20.37/*
http://10.10.10.32/*
https://10.10.10.32/*
http://10.19.1.249/*
https://10.19.1.249/*
http://11.11.10.93/*
http://11.12.3.25/*
http://11.12.2.17/*
https://11.12.3.25/*
https://11.12.2.17/*
http://11.12.5.27/*
https://11.12.5.27/*
http://11.12.2.44/*
https://11.12.2.44/*
http://10.19.1.250/*
https://10.19.1.250/*
http://10.19.1.251/*
https://10.19.1.251/*
http://10.19.1.252/*
https://10.19.1.252/*
http://11.12.50.18/*
http://11.12.3.62/*
http://*.chinatrc.com.cn/*
https://*.chinatrc.com.cn/*
http://11.12.4.31/*
http://11.12.4.53/*
http://11.12.3.100/*
http://11.12.3.101/*
http://11.12.2.127/*
http://11.12.2.128/*
http://11.12.3.126/*
http://11.12.3.61/*
http://10.19.1.225/*
http://10.19.1.226/*
http://172.30.132.71/*
http://172.31.132.71/*
http://11.12.4.60/*
http://11.12.3.113/*
http://11.12.2.158/*
http://11.12.7.53/*
http://10.10.20.37/*
http://11.12.7.53/*
https://10.19.1.225/*
https://10.19.1.226/*

Embedded URLs (42 total):

https://clients2.google.com/service/update2/crx	http://10.10.20.37/
https://10.10.20.37/	http://10.10.10.32/
https://10.10.10.32/	http://10.19.1.249/
https://10.19.1.249/	http://11.11.10.93/
http://11.12.3.25/	http://11.12.2.17/
https://11.12.3.25/	https://11.12.2.17/
http://11.12.5.27/	https://11.12.5.27/
http://11.12.2.44/	https://11.12.2.44/
http://10.19.1.250/	https://10.19.1.250/
http://10.19.1.251/	https://10.19.1.251/
http://10.19.1.252/	https://10.19.1.252/
http://11.12.50.18/	http://11.12.3.62/
http://11.12.4.31/	http://11.12.4.53/
http://11.12.3.100/	http://11.12.3.101/
http://11.12.2.127/	http://11.12.2.128/
http://11.12.3.126/	http://11.12.3.61/
http://10.19.1.225/	http://10.19.1.226/
http://172.30.132.71/	http://172.31.132.71/
http://11.12.4.60/	http://11.12.3.113/
http://11.12.2.158/	http://11.12.7.53/
https://10.19.1.225/	https://10.19.1.226/

Raw Manifest

{
  "name": "CFCA CryptoKit.ChinaTRC_V3 Extension",
  "icons": {
    "16": "icon-16.png",
    "48": "icon-48.png",
    "128": "icon-128.png"
  },
  "action": {
    "default_icon": {
      "16": "icon-16.png",
      "48": "icon-48.png",
      "128": "icon-128.png"
    }
  },
  "author": "CFCA",
  "version": "3.4.0.6",
  "background": {
    "service_worker": "eventPage.js"
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "CFCA Security Application Development Kit",
  "permissions": [
    "nativeMessaging"
  ],
  "host_permissions": [
    "http://10.10.20.37/*",
    "https://10.10.20.37/*",
    "http://10.10.10.32/*",
    "https://10.10.10.32/*",
    "http://10.19.1.249/*",
    "https://10.19.1.249/*",
    "http://11.11.10.93/*",
    "http://11.12.3.25/*",
    "http://11.12.2.17/*",
    "https://11.12.3.25/*",
    "https://11.12.2.17/*",
    "http://11.12.5.27/*",
    "https://11.12.5.27/*",
    "http://11.12.2.44/*",
    "https://11.12.2.44/*",
    "http://10.19.1.250/*",
    "https://10.19.1.250/*",
    "http://10.19.1.251/*",
    "https://10.19.1.251/*",
    "http://10.19.1.252/*",
    "https://10.19.1.252/*",
    "http://11.12.50.18/*",
    "http://11.12.3.62/*",
    "http://*.chinatrc.com.cn/*",
    "https://*.chinatrc.com.cn/*",
    "http://11.12.4.31/*",
    "http://11.12.4.53/*",
    "http://11.12.3.100/*",
    "http://11.12.3.101/*",
    "http://11.12.2.127/*",
    "http://11.12.2.128/*",
    "http://11.12.3.126/*",
    "http://11.12.3.61/*",
    "http://10.19.1.225/*",
    "http://10.19.1.226/*",
    "http://172.30.132.71/*",
    "http://172.31.132.71/*",
    "http://11.12.4.60/*",
    "http://11.12.3.113/*",
    "http://11.12.2.158/*",
    "http://11.12.7.53/*",
    "http://10.10.20.37/*",
    "http://11.12.7.53/*",
    "https://10.19.1.225/*",
    "https://10.19.1.226/*"
  ],
  "manifest_version": 3,
  "externally_connectable": {
    "matches": [
      "http://10.10.20.37/*",
      "https://10.10.20.37/*",
      "http://10.10.10.32/*",
      "https://10.10.10.32/*",
      "http://10.19.1.249/*",
      "https://10.19.1.249/*",
      "http://11.11.10.93/*",
      "http://11.12.3.25/*",
      "http://11.12.2.17/*",
      "https://11.12.3.25/*",
      "https://11.12.2.17/*",
      "http://11.12.5.27/*",
      "https://11.12.5.27/*",
      "http://11.12.2.44/*",
      "https://11.12.2.44/*",
      "http://10.19.1.250/*",
      "https://10.19.1.250/*",
      "http://10.19.1.251/*",
      "https://10.19.1.251/*",
      "http://10.19.1.252/*",
      "https://10.19.1.252/*",
      "http://11.12.50.18/*",
      "http://11.12.3.62/*",
      "http://*.chinatrc.com.cn/*",
      "https://*.chinatrc.com.cn/*",
      "http://11.12.4.31/*",
      "http://11.12.4.53/*",
      "http://11.12.3.100/*",
      "http://11.12.3.101/*",
      "http://11.12.2.127/*",
      "http://11.12.2.128/*",
      "http://11.12.3.126/*",
      "http://11.12.3.61/*",
      "http://10.19.1.225/*",
      "http://10.19.1.226/*",
      "http://172.30.132.71/*",
      "http://172.31.132.71/*",
      "http://11.12.4.60/*",
      "http://11.12.3.113/*",
      "http://11.12.2.158/*",
      "http://11.12.7.53/*",
      "http://10.10.20.37/*",
      "http://11.12.7.53/*",
      "https://10.19.1.225/*",
      "https://10.19.1.226/*"
    ]
  },
  "minimum_chrome_version": "88"
}

by ✦ Astarte