Starting analysis...
Video Downloader - MPMux
Version 1.2 View in Chrome Web Store
Extension Details
Context-Aware Verdict
The extension has a strong user base with 200,000 users and an impressive 4.9-star rating from 4,600+ reviews, suggesting legitimate functionality. The developer domain mpmux.com appears to be specifically created for this extension's purpose. However, the lack of detailed developer information and recent update history raises some transparency concerns.
The extension's permission set is extremely broad and concerning for a video downloader. The combination of webRequest interception, universal host permissions, and content script injection across all websites creates significant security risks. These permissions allow the extension to monitor, intercept, and modify all web traffic and inject code into every website you visit. For a video downloader, such extensive access seems unnecessary and disproportionate to its stated function. The ability to access all tabs and manipulate web requests could enable data harvesting, credential theft, or traffic manipulation.
Given the critical risk level, consider running this extension in a completely separate Chrome profile dedicated solely to video downloading activities. Avoid using this profile for sensitive activities like banking, email, or social media. Alternative options include using standalone video downloading software or browser-based downloaders that don't require such extensive permissions. If you must use this extension, regularly monitor your network activity and consider using it only on trusted, non-sensitive websites.
Findings
Security Analysis Details
Required Permissions:
- tabs
- webRequest
- storage
- declarativeNetRequest
Host Permissions:
- http://*/*
- https://*/*
Embedded URLs (12 total):
| https://getbootstrap.com/ | https://github.com/twbs/bootstrap/blob/main/LICENSE | |
| http://www.w3.org/2000/svg | https://icons.getbootstrap.com/ | |
| https://github.com/twbs/icons/blob/main/LICENSE | https://aomedia.org/emsg/ID3 | |
| http://www.w3.org/ns/ttml#styling | https://mpmux.com/v1.json | |
| https://v1.mpmux.com | https://clients2.google.com/service/update2/crx | |
| https://mpmux.com/ | https://mpmux.com |
Raw Manifest
{ "name": "__MSG_manifest_name__", "icons": { "16": "img/icon-16.png", "48": "img/icon-48.png", "128": "img/icon-128.png" }, "action": { "default_icon": { "16": "img/icon-16.png", "48": "img/icon-48.png", "128": "img/icon-128.png" }, "default_popup": "popup.html", "default_title": "__MSG_manifest_browser_action__" }, "version": "1.2", "background": { "service_worker": "background.js" }, "short_name": "MPMux", "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_manifest_description__", "permissions": [ "tabs", "webRequest", "storage", "declarativeNetRequest" ], "homepage_url": "https://mpmux.com/", "default_locale": "en", "content_scripts": [ { "js": [ "js/jquery.min.js", "js/content-downloader.js" ], "run_at": "document_end", "matches": [ "*://mpmux.com/hlsdownloader", "*://mpmux.com/*/hlsdownloader", "*://mpmux.com/staticdownloader", "*://mpmux.com/*/staticdownloader", "*://mpmux.com/buffermuxer", "*://mpmux.com/*/buffermuxer", "*://*.mpmux.com/hlsdownloader", "*://*.mpmux.com/*/hlsdownloader", "*://*.mpmux.com/staticdownloader", "*://*.mpmux.com/*/staticdownloader", "*://*.mpmux.com/buffermuxer", "*://*.mpmux.com/*/buffermuxer" ] }, { "js": [ "js/content-listener.js" ], "run_at": "document_start", "matches": [ "*://*/*" ], "all_frames": true, "exclude_globs": [ "*//*.mpmux.com/*", "*//mpmux.com/*" ] } ], "host_permissions": [ "http://*/*", "https://*/*" ], "manifest_version": 3, "web_accessible_resources": [ { "matches": [ "*://*/*" ], "resources": [ "js/proxy.js" ] } ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.