[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

CK-Authenticator G3

Version 5.0 View in Chrome Web Store

Last scanned: 12 days ago | force re-scan

Extension Details

Developer: packetkeeper.net

Rating: 1.1 ★ (88 ratings)

Users: 1,000,000

Context-Aware Verdict

CRITICAL

Overall Risk

Trust Factors:

The extension has a substantial user base of 1 million users, which suggests some level of adoption. However, the extremely low rating of 1.1 out of 5 stars with 88 reviews is a major red flag indicating widespread user dissatisfaction or potential malicious behavior. The developer "packetkeeper.net" lacks clear identification or established reputation, and the absence of recent update information raises concerns about maintenance and security patches.

Concerns:

The extension exhibits multiple severe security risks that are disproportionate to its authentication purpose. The combination of webRequest and webRequestBlocking permissions with all_urls access creates a perfect storm for man-in-the-middle attacks. The identity permission could expose personal information unnecessarily. The unsafe WebAssembly execution policy allows potentially obfuscated malicious code. Most concerning is that these extensive permissions seem excessive for a typical authenticator application, suggesting possible malicious intent or poor security practices.

Recommendations:

Do not install this extension under any circumstances. The critical risk level combined with the terrible user rating strongly suggests malicious behavior. If you absolutely must use an authenticator extension, choose well-established alternatives like Google Authenticator or Authy with better ratings and transparent development teams. If already installed, remove immediately and scan your system for potential compromise. Consider using hardware-based authentication methods instead of browser extensions for sensitive accounts.

Findings

HIGH

Broad Host Permissions

This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.

HIGH

Dangerous Permission Combination: webRequest + webRequestBlocking

This extension can intercept, modify, and block web requests in real-time. This combination could be used to modify sensitive web traffic or steal data.

HIGH

High-Risk Permission: identity

This extension has the identity permission. Can access your identity information. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: webRequest

This extension has the webRequest permission. Can intercept and modify web requests. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: webRequestBlocking

This extension has the webRequestBlocking permission. Can block and modify web requests in real-time. This could potentially be used maliciously to compromise security or privacy.

HIGH

Unsafe WebAssembly Execution

This extension's Content Security Policy allows 'wasm-unsafe-eval', which permits potentially dangerous WebAssembly code execution. This could be used to hide malicious code or perform CPU-intensive operations.

Raw Manifest

{
  "name": "CK-Authenticator G3",
  "icons": {
    "16": "img/ckauth19x.png",
    "32": "img/ckauth19x.png",
    "48": "img/ckauth19x.png",
    "128": "img/ckauth19x.png"
  },
  "action": {
    "default_icon": "img/ckauth19x.png",
    "default_popup": "popup.html"
  },
  "version": "5.0",
  "background": {
    "service_worker": "serviceWorker.js"
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "ContentKeeper Authenticator G3",
  "permissions": [
    "webRequest",
    "webRequestBlocking",
    "identity",
    "identity.email"
  ],
  "offline_enabled": true,
  "host_permissions": [
    "<all_urls>"
  ],
  "manifest_version": 3,
  "content_security_policy": {
    "extension_pages": "script-src 'self' 'wasm-unsafe-eval'; object-src 'self'"
  },
  "web_accessible_resources": [
    {
      "matches": [
        "<all_urls>"
      ],
      "resources": [
        "img/ckauth19x.png"
      ]
    }
  ]
}

by ✦ Astarte

CK-Authenticator G3

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Host Permissions:

Content Security Policy:

Embedded URLs (1 total):

Raw Manifest

Detections

Manifest Findings