The extension lacks fundamental identifying information including name, description, author details, user count, and ratings. This complete absence of metadata is highly suspicious and suggests either a malicious extension or one that has been deliberately obscured. The lack of transparency makes it impossible to verify the developer's legitimacy or assess user community feedback.
The extension exhibits an extremely dangerous permission profile with broad access capabilities that far exceed what most legitimate extensions require. The combination of tabs permission, all_urls host permissions, and universal content script injection creates a perfect storm for malicious activity. The extension can monitor all browsing activity, access sensitive data on any website, manipulate web pages, and potentially steal credentials or personal information. The storage permission allows it to persist stolen data locally.
Do not install this extension under any circumstances. The combination of missing identification information and excessive permissions strongly suggests malicious intent. If already installed, remove it immediately and run a security scan. If you absolutely must test suspicious extensions, use a completely isolated Chrome profile with no access to personal accounts or sensitive data. Consider reporting this extension to Chrome Web Store security team for investigation.
| https://tailwindcss.com | https://github.com/sindresorhus/modern-normalize | |
| http://www.w3.org/2000/svg | https://api.sikkershopping.dk/ | |
| https://www.sikkershopping.dk/tak | https://api.sikkershopping.dk/__/patterns/ | |
| https://www.emaerket.dk/anmeld-svindel | https://rollbar.com/item/uuid/?uuid= | |
| https://rollbar.com/occurrence/uuid/?uuid= | http://jedwatson.github.io/classnames | |
| https://reactjs.org/docs/error-decoder.html?invariant= | http://www.w3.org/1999/xlink | |
| http://www.w3.org/XML/1998/namespace | http://www.w3.org/1998/Math/MathML | |
| http://www.w3.org/1999/xhtml | https://feross.org | |
| https://fup-api.emaerket.dk/html/tjek-opsaetning | https://www.sikkershopping.dk/opsaetning?success= | |
| https://clients2.google.com/service/update2/crx |
{ "name": "__MSG_extName__", "icons": { "16": "images/sikker-shopping-app-icon-16.png", "32": "images/sikker-shopping-app-icon-32.png", "48": "images/sikker-shopping-app-icon-48.png", "96": "images/sikker-shopping-app-icon-96.png", "128": "images/sikker-shopping-app-icon-128.png" }, "action": { "default_icon": "images/emaerket-shield-grey.png", "default_popup": "html/popup.html", "default_title": "__MSG_iconDefaultTitle__" }, "version": "2.0.13", "background": { "type": "module", "service_worker": "js/background.js" }, "options_ui": { "page": "html/options.html", "open_in_tab": false }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_extDescription__", "permissions": [ "tabs", "activeTab", "storage" ], "default_locale": "da", "content_scripts": [ { "js": [ "js/content.js" ], "css": [ "css/injections.css" ], "run_at": "document_idle", "matches": [ "*://*/*" ] } ], "host_permissions": [ "<all_urls>" ], "manifest_version": 3, "externally_connectable": { "matches": [ "https://*.sikkershopping.dk/*" ] }, "content_security_policy": { "extension_pages": "script-src 'self'; object-src 'self';" }, "web_accessible_resources": [ { "matches": [ "*://*/*", "<all_urls>" ], "resources": [ "images/*.png", "images/*.svg", "fonts/Roboto-Regular.ttf", "html/welcome.html", "js/*.js", "css/styles.css", "json/*.json" ] }, { "resources": [ "images/*.png", "images/*.svg", "fonts/Roboto-Regular.ttf", "html/welcome.html", "js/welcome.js", "css/styles.css" ], "extension_ids": [ "*" ] } ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.