Popup Blocker - Blocks annoying Popups
Version 1.17.5 View in Chrome Web Store
Extension Details
Context-Aware Verdict
The extension has a moderate user base of 90,000 users and a decent rating of 3.9 stars, suggesting some level of user satisfaction. However, the relatively low number of reviews (94) compared to the user count raises questions about user engagement. The developer domain "popupsblocker.org" appears purpose-built for this extension, but lacks established company credentials or transparency about the development team.
The extension requests extremely broad permissions that far exceed what's necessary for basic popup blocking. The combination of tabs permission, scripting capabilities, and <all_urls> access creates a powerful surveillance toolkit. Most legitimate popup blockers operate through declarativeNetRequest rules without requiring script injection into every website. The unlimitedStorage permission is particularly concerning as it could enable extensive data collection and storage. The broad content script injection capability means this extension can read all data on every website you visit, including passwords, personal information, and sensitive communications.
Consider running this extension in a separate Chrome profile dedicated to non-sensitive browsing if you must use it. Better alternatives would be established popup blockers like uBlock Origin or built-in browser popup blocking features. If you continue using this extension, regularly review what data it might be collecting and consider your browsing habits while it's active. Monitor your system for unusual network activity or performance issues.
Findings
Security Analysis Details
Required Permissions:
- tabs
- storage
- declarativeNetRequest
- declarativeNetRequestWithHostAccess
- unlimitedStorage
- alarms
- scripting
Host Permissions:
- <all_urls>
Content Security Policy:
- extension_pages: script-src 'self'; object-src 'self'
Embedded URLs (1 total):
| https://clients2.google.com/service/update2/crx |
Raw Manifest
{ "name": "__MSG_appName__", "icons": { "128": "128.png" }, "version": "1.17.5", "background": { "service_worker": "serviceworker.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_appDesc__", "permissions": [ "tabs", "storage", "declarativeNetRequest", "declarativeNetRequestWithHostAccess", "unlimitedStorage", "alarms", "scripting" ], "default_locale": "en", "content_scripts": [ { "js": [ "content_script.js" ], "run_at": "document_start", "matches": [ "<all_urls>" ], "all_frames": true } ], "host_permissions": [ "<all_urls>" ], "manifest_version": 3, "content_security_policy": { "extension_pages": "script-src 'self'; object-src 'self'" }, "web_accessible_resources": [ { "matches": [ "<all_urls>" ], "resources": [ "web-accessible-resources/*", "close.html", "128.png" ], "use_dynamic_url": true } ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.