Is KyberLock safe to use?

KyberLock has a security risk score of 50.58/100 (MEDIUM risk). Our security analysis detected 259 findings. Review the detailed security assessment below to understand the specific risks before installation.

What are the security risks of KyberLock?

Based on our automated security analysis, KyberLock presents medium risk level. The extension is analyzed for malware patterns, secret exposure, network communications, permissions, and supply chain vulnerabilities.

How is the security score calculated?

Risky Plugins calculates security scores using weighted categories: severity of findings (25 points max), malware detections (35 points), secret exposure (28 points), network communications (10 points), and obfuscation (10 points). Scores range from 0-100, with higher scores indicating greater risk.

What does CRITICAL, HIGH, MEDIUM, LOW, MINIMAL risk mean?

CRITICAL (80-100): Severe security issues like malware. HIGH (60-79): Significant vulnerabilities. MEDIUM (40-59): Moderate security concerns. LOW (20-39): Minor issues. MINIMAL (0-19): Very low risk. Always review findings before installing any extension.

Is "KyberLock" on Chrome Web Store Safe to Install?

[email protected] · chrome · v1.0.3

TAKE PRIVACY INTO YOUR OWN HANDS End-to-end secure encryption, plus steganography for email and real-time chat, safe against quantum computers. KyberLock is the next step in the evolution of PassLok, also in this store. Like its predecessor, KyberLock does not use servers that might compromise your information. Everything is done offline. KyberLock stores nothing secret, not even in your device. With KyberLock, you can: - Write messages than only the intended recipient can read. - Do this without having established a secret password. - Lock files and images as easily as text. - Establish a real-time peer-to-peer chat involving text, files, audio, and video - Digitally sign text, images, and files so others can be sure they come from you. - Convert your favorite email or texting app into a secure communication channel. - Hide private information as apparently innocent text, or inside images. - Use Decoy mode, so your true message is not what it appears to be. - Create messages that can be read only once. - Communicate across platforms, even without a network. - Send confidential mailings to several people at the same time. - Use a borrowed device in case yours is bugged. - Be as paranoid as you like. We are really paranoid, and this is why we developed KyberLock. KyberLock is built on the recently standardized Crystals-Kyber encryption method, based on the math of Module Lattices. Unlike current methods, this method is expected to be safe against quantum computers for many years to come. On top of that, KyberLock uses 256-bit XChaCha20 encryption to complete the locking process. XChaCha20 is a high-performance, open source cipher, which has been scrutinized by experts for nearly a decade without any practical weaknesses being found. The first time you run KyberLock, it helps you to come up with a strong text-based secret Key, which can be whatever you want it to be. KyberLock places no restrictions to make sure that you can always remember your Key without ever having to write it down. From your secret Key, KyberLock creates a Lock, which is a piece of random-looking text that you give to the people you wish to send messages to you. They will "put your Lock" on those messages, and only your Key, which you have given to no one, will be able to unlock them. This is the Chrome app version of KyberLock, essentially identical to the versions released for computers and mobile platforms. In addition, there is a pure html version of KyberLock at: https://kyberlock.com/app If you want to check it out, you should save that page as HTML only, get the SHA256 of that with an external program or web page, and compare it with the value below. This is not necessary for app store versions like this one, which are code-signed by the app store. This is the SHA256 for the single-file html version of KyberLock 1.0.1: 1024-6687-b546-9561-7eb4-0527-311a-cfbc-e8bc-e6c8-ed4b-a51b-4acd-85b8-e153-baab Watch the developer reading this: https://www.youtube.com/watch?v=EUYE_6gBuLo

Risk Assessment

Analyzed

50.58

out of 100

MEDIUM

259 security findings detected across all analyzers

Chrome extension requesting 1 permission

Severity Breakdown

Critical

High

210

Medium

Low

Info

Finding Categories

Malware Signatures

Network

173

IoC Indicators

YARA Rules Matched

9 rules(49 hits)

postinstall obfuscation postinstall file manipulation postinstall crypto operations postinstall file download NoUseWeakRandom postinstall network communication postinstall system command postinstall registry modification postinstall persistence mechanism

Requested Permissions

1 permission

storage

Low

About This Extension

Detailed Findings

50 total

YARA Rule Matches

9 rules

Indicators of Compromise

Network indicators, suspicious strings, and potential IoCs extracted during analysis

URLs

IP Addresses

Domains

Strings

173

All Indicators · 173

URL

detected URL: https://www.youtube.com/watch?v=UxgrES_CGcg

XIOC detected URL: https://www.youtube.com/watch?v=UxgrES_CGcg

extracted_from_files

Domain

detected Domain: stack.map

XIOC detected Domain: stack.map

extracted_from_files

URL

detected URL: https://hash.online-convert.com/sha256-generator)

XIOC detected URL: https://hash.online-convert.com/sha256-generator)

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=_7Fju1EwhV4

XIOC detected URL: https://www.youtube.com/watch?v=_7Fju1EwhV4

extracted_from_files

URL

detected URL: https://github.com/sindresorhus/validate-element-name

XIOC detected URL: https://github.com/sindresorhus/validate-element-name

extracted_from_files

URL

detected URL: https://clients2.google.com/service/update2/crx

XIOC detected URL: https://clients2.google.com/service/update2/crx

extracted_from_files

URL

detected URL: https://developer.mozilla.org/en-US/docs/Web/API/Node/nodeType

XIOC detected URL: https://developer.mozilla.org/en-US/docs/Web/API/Node/nodeType

extracted_from_files

URL

detected URL: http://w3c.github.io/webcomponents/spec/custom/#creating-and-passing-registries)

XIOC detected URL: http://w3c.github.io/webcomponents/spec/custom/#creating-and-passing-registries)

extracted_from_files

URL

detected URL: http://www.w3.org/1998/Math/MathML';

XIOC detected URL: http://www.w3.org/1998/Math/MathML';

extracted_from_files

URL

detected URL: http://www.w3.org/2000/svg';

XIOC detected URL: http://www.w3.org/2000/svg';

extracted_from_files

URL

detected URL: http://www.w3.org/1999/xhtml';

XIOC detected URL: http://www.w3.org/1999/xhtml';

extracted_from_files

URL

detected URL: https://www.w3.org/TR/xhtml1/normative.html#strict)

XIOC detected URL: https://www.w3.org/TR/xhtml1/normative.html#strict)

extracted_from_files

URL

detected URL: http://www.w3.org/1999/xhtml

XIOC detected URL: http://www.w3.org/1999/xhtml

extracted_from_files

URL

detected URL: http://www.irongeek.com/i.php?page=security/unicode-steganography-homoglyph-encoder,

XIOC detected URL: http://www.irongeek.com/i.php?page=security/unicode-steganography-homoglyph-encoder,

extracted_from_files

URL

detected URL: http://burtleburtle.net/bob/rand/isaac.html

XIOC detected URL: http://burtleburtle.net/bob/rand/isaac.html

extracted_from_files

URL

detected URL: http://burtleburtle.net/bob/rand/isaacafa.html

XIOC detected URL: http://burtleburtle.net/bob/rand/isaacafa.html

extracted_from_files

URL

detected URL: https://github.com/owencm/js-steg

XIOC detected URL: https://github.com/owencm/js-steg

extracted_from_files

URL

detected URL: http://www.apache.org/licenses/LICENSE-2.0

XIOC detected URL: http://www.apache.org/licenses/LICENSE-2.0

extracted_from_files

URL

detected URL: http://www.wtfpl.net/

XIOC detected URL: http://www.wtfpl.net/

extracted_from_files

URL

detected URL: http://pieroxy.net/blog/pages/lz-string/testing.html

XIOC detected URL: http://pieroxy.net/blog/pages/lz-string/testing.html

extracted_from_files

URL

detected URL: https://github.com/fruiz500/passlok-stego

XIOC detected URL: https://github.com/fruiz500/passlok-stego

extracted_from_files

URL

detected URL: https://passlok.com/learn'

XIOC detected URL: https://passlok.com/learn'

extracted_from_files

URL

detected URL: http://snippetrepo.com/snippets/bignum-base-conversion,

XIOC detected URL: http://snippetrepo.com/snippets/bignum-base-conversion,

extracted_from_files

URL

detected URL: https://kyberlock.com/app/index.html

XIOC detected URL: https://kyberlock.com/app/index.html

extracted_from_files

URL

detected URL: https://kyberlock.com/app

XIOC detected URL: https://kyberlock.com/app

extracted_from_files

URL

detected URL: https://KyberLock.com/app'

XIOC detected URL: https://KyberLock.com/app'

extracted_from_files

URL

detected URL: https://passlok.com/chat/chat.html#'

XIOC detected URL: https://passlok.com/chat/chat.html#'

extracted_from_files

URL

detected URL: https://github.com/fruiz500/KyberLock

XIOC detected URL: https://github.com/fruiz500/KyberLock

extracted_from_files

URL

detected URL: https://prgomez.com/current-version-of-kyberlock/

XIOC detected URL: https://prgomez.com/current-version-of-kyberlock/

extracted_from_files

URL

detected URL: https://ourcodeworld.com/articles/read/1438/how-to-read-multiple-files-at-once-using-the-filereader-class-in-javascript

XIOC detected URL: https://ourcodeworld.com/articles/read/1438/how-to-read-multiple-files-at-once-using-the-filereader-class-in-javascript

extracted_from_files

URL

detected URL: https://PassLok.com/chat/chat.html#

XIOC detected URL: https://PassLok.com/chat/chat.html#

extracted_from_files

URL

detected URL: https://xato.net/passwords/more-top-worst-passwords,

XIOC detected URL: https://xato.net/passwords/more-top-worst-passwords,

extracted_from_files

URL

detected URL: https://github.com/first20hours/google-10000-english.

XIOC detected URL: https://github.com/first20hours/google-10000-english.

extracted_from_files

URL

detected URL: https://fileformat.info/tool/hash.htm)

XIOC detected URL: https://fileformat.info/tool/hash.htm)

extracted_from_files

URL

detected URL: https://www.xorbin.com/tools/sha256-hash-calculator)

XIOC detected URL: https://www.xorbin.com/tools/sha256-hash-calculator)

extracted_from_files

URL

detected URL: http://KyberLock.com/get-KyberLock.html

XIOC detected URL: http://KyberLock.com/get-KyberLock.html

extracted_from_files

URL

detected URL: http://KyberLock.com

XIOC detected URL: http://KyberLock.com

extracted_from_files

URL

detected URL: https://KyberLock.com

XIOC detected URL: https://KyberLock.com

extracted_from_files

URL

detected URL: https://prgomez.com/current-version-of-kyberlock

XIOC detected URL: https://prgomez.com/current-version-of-kyberlock

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=NrAfSo2xjnY

XIOC detected URL: https://www.youtube.com/watch?v=NrAfSo2xjnY

extracted_from_files

URL

detected URL: https://hash.online-convert.com/sha256-generator),

XIOC detected URL: https://hash.online-convert.com/sha256-generator),

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=LubzBF4Xaa8

XIOC detected URL: https://www.youtube.com/watch?v=LubzBF4Xaa8

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=3OUpuk3-tRo

XIOC detected URL: https://www.youtube.com/watch?v=3OUpuk3-tRo

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=NlEJJpF-Wmo

XIOC detected URL: https://www.youtube.com/watch?v=NlEJJpF-Wmo

extracted_from_files

Domain

detected Domain: kyberlock.com

XIOC detected Domain: kyberlock.com

extracted_from_files

URL

detected URL: https://html.spec.whatwg.org/multipage/infrastructure.html#xml-compatible

XIOC detected URL: https://html.spec.whatwg.org/multipage/infrastructure.html#xml-compatible

extracted_from_files

URL

detected URL: http://www.w3.org/TR/xml/#d0e804)

XIOC detected URL: http://www.w3.org/TR/xml/#d0e804)

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=_iXIyH6AnMI

XIOC detected URL: https://www.youtube.com/watch?v=_iXIyH6AnMI

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=ZdVHaD-FpSk

XIOC detected URL: https://www.youtube.com/watch?v=ZdVHaD-FpSk

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=zkcqEz3UjnM

XIOC detected URL: https://www.youtube.com/watch?v=zkcqEz3UjnM

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=8zo-N5O82iM

XIOC detected URL: https://www.youtube.com/watch?v=8zo-N5O82iM

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=Ttyvb0Qt7h0

XIOC detected URL: https://www.youtube.com/watch?v=Ttyvb0Qt7h0

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=Vh9wwFZiV4w

XIOC detected URL: https://www.youtube.com/watch?v=Vh9wwFZiV4w

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=BEXYuaCxciM

XIOC detected URL: https://www.youtube.com/watch?v=BEXYuaCxciM

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=npROBlHjxmc

XIOC detected URL: https://www.youtube.com/watch?v=npROBlHjxmc

extracted_from_files

URL

detected URL: https://KyberLock.com/human

XIOC detected URL: https://KyberLock.com/human

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=Sm4f6FIOShI

XIOC detected URL: https://www.youtube.com/watch?v=Sm4f6FIOShI

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=XytUN0T_2zQ

XIOC detected URL: https://www.youtube.com/watch?v=XytUN0T_2zQ

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=sRdpWe4zya8

XIOC detected URL: https://www.youtube.com/watch?v=sRdpWe4zya8

extracted_from_files

detected IP: 4.2.10.2

XIOC detected IP: 4.2.10.2

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=4WrYEdRp2Q4

XIOC detected URL: https://www.youtube.com/watch?v=4WrYEdRp2Q4

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=R9UanENF3ro

XIOC detected URL: https://www.youtube.com/watch?v=R9UanENF3ro

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=VutWfWZW5bY

XIOC detected URL: https://www.youtube.com/watch?v=VutWfWZW5bY

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=LsljKvjAi9I

XIOC detected URL: https://www.youtube.com/watch?v=LsljKvjAi9I

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=tPeUv6BRTrg

XIOC detected URL: https://www.youtube.com/watch?v=tPeUv6BRTrg

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=L00yybDzN6k

XIOC detected URL: https://www.youtube.com/watch?v=L00yybDzN6k

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=vQrED7eIkLA

XIOC detected URL: https://www.youtube.com/watch?v=vQrED7eIkLA

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=nBA5JNY4gmQ

XIOC detected URL: https://www.youtube.com/watch?v=nBA5JNY4gmQ

extracted_from_files

URL

detected URL: http://PassLok.weebly.com

XIOC detected URL: http://PassLok.weebly.com

extracted_from_files

URL

detected URL: https://PassLok.weebly.com/uploads/2/4/1/8/24187628/PassLok_manual.pdf

XIOC detected URL: https://PassLok.weebly.com/uploads/2/4/1/8/24187628/PassLok_manual.pdf

extracted_from_files

URL

detected URL: http://www.weebly.com/uploads/2/4/1/8/24187628/passlok_technical_document.pdf

XIOC detected URL: http://www.weebly.com/uploads/2/4/1/8/24187628/passlok_technical_document.pdf

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=JbNM_cf8My0

XIOC detected URL: https://www.youtube.com/watch?v=JbNM_cf8My0

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=4DjhIjU_nuM

XIOC detected URL: https://www.youtube.com/watch?v=4DjhIjU_nuM

extracted_from_files

URL

detected URL: http://PassLok.weebly.com/uploads/2/4/1/8/24187628/PassLok_manual21.pdf

XIOC detected URL: http://PassLok.weebly.com/uploads/2/4/1/8/24187628/PassLok_manual21.pdf

extracted_from_files

URL

detected URL: https://www.youtube.com/watch?v=0wTJWyd9s64

XIOC detected URL: https://www.youtube.com/watch?v=0wTJWyd9s64

extracted_from_files

URL

detected URL: https://passlok.com/learn

XIOC detected URL: https://passlok.com/learn

extracted_from_files

URL

detected URL: https://passlok.weebly.com

XIOC detected URL: https://passlok.weebly.com

extracted_from_files

URL

detected URL: https://github.com/paulmillr/noble-ciphers--

XIOC detected URL: https://github.com/paulmillr/noble-ciphers--

extracted_from_files

URL

detected URL: https://github.com/paulmillr/noble-hashes--

XIOC detected URL: https://github.com/paulmillr/noble-hashes--

extracted_from_files

URL

detected URL: https://github.com/pieroxy/lz-string--

XIOC detected URL: https://github.com/pieroxy/lz-string--

extracted_from_files

URL

detected URL: https://github.com/cure53/DOMPurify--

XIOC detected URL: https://github.com/cure53/DOMPurify--

extracted_from_files

URL

detected URL: https://github.com/owencm/js-steg.

XIOC detected URL: https://github.com/owencm/js-steg.

extracted_from_files

URL

detected URL: https://github.com/rubycon/isaac.js--

XIOC detected URL: https://github.com/rubycon/isaac.js--

extracted_from_files

URL

detected URL: https://github.com/dchest/tweetnacl-util-js--

XIOC detected URL: https://github.com/dchest/tweetnacl-util-js--

extracted_from_files

Domain

detected Domain: purify.js.map

XIOC detected Domain: purify.js.map

extracted_from_files

Domain

detected Domain: clients2.google.com

XIOC detected Domain: clients2.google.com

extracted_from_files

Other

detected Email: [email protected]

XIOC detected Email: [email protected]

extracted_from_files

Other

detected Email: [email protected]

XIOC detected Email: [email protected]

extracted_from_files

URL

detected URL: https://github.com/amper5and/secrets.js--

XIOC detected URL: https://github.com/amper5and/secrets.js--

extracted_from_files

URL

detected URL: https://github.com/paulmillr/noble-post-quantum--

XIOC detected URL: https://github.com/paulmillr/noble-post-quantum--

extracted_from_files

Domain

detected Domain: createnodeiterator.call

XIOC detected Domain: createnodeiterator.call

extracted_from_files

Domain

detected Domain: nodefilter.show

XIOC detected Domain: nodefilter.show

extracted_from_files

Domain

detected Domain: hook.call

XIOC detected Domain: hook.call

extracted_from_files

Domain

detected Domain: currentnode.data

XIOC detected Domain: currentnode.data

extracted_from_files

Domain

detected Domain: createdocumentfragment.call

XIOC detected Domain: createdocumentfragment.call

extracted_from_files

Domain

detected Domain: importnode.call

XIOC detected Domain: importnode.call

extracted_from_files

Domain

detected Domain: body.ownerdocument.doctype.name

XIOC detected Domain: body.ownerdocument.doctype.name

extracted_from_files

Domain

detected Domain: z.map

XIOC detected Domain: z.map

extracted_from_files

Domain

detected Domain: developer.mozilla.org

XIOC detected Domain: developer.mozilla.org

extracted_from_files

Domain

detected Domain: w3c.github.io

XIOC detected Domain: w3c.github.io

extracted_from_files

Domain

detected Domain: html.spec.whatwg.org

XIOC detected Domain: html.spec.whatwg.org

extracted_from_files

Domain

detected Domain: cfg.safe

XIOC detected Domain: cfg.safe

extracted_from_files

Domain

detected Domain: cfg.in

XIOC detected Domain: cfg.in

extracted_from_files

Domain

detected Domain: getelementsbytagname.call

XIOC detected Domain: getelementsbytagname.call

extracted_from_files

Domain

detected Domain: this.gl

XIOC detected Domain: this.gl

extracted_from_files

Domain

detected Domain: super.finish.call

XIOC detected Domain: super.finish.call

extracted_from_files

Domain

detected Domain: super.destroy.call

XIOC detected Domain: super.destroy.call

extracted_from_files

Domain

detected Domain: s1.map

XIOC detected Domain: s1.map

extracted_from_files

Domain

detected Domain: y.map

XIOC detected Domain: y.map

extracted_from_files

Domain

detected Domain: w.map

XIOC detected Domain: w.map

extracted_from_files

Domain

detected Domain: j.map

XIOC detected Domain: j.map

extracted_from_files

Domain

detected Domain: idx.map

XIOC detected Domain: idx.map

extracted_from_files

Domain

detected Domain: idxr.map

XIOC detected Domain: idxr.map

extracted_from_files

Domain

detected Domain: this.al

XIOC detected Domain: this.al

extracted_from_files

Domain

detected Domain: this.bh

XIOC detected Domain: this.bh

extracted_from_files

Domain

detected Domain: this.ch

XIOC detected Domain: this.ch

extracted_from_files

Domain

detected Domain: this.cl

XIOC detected Domain: this.cl

extracted_from_files

Domain

detected Domain: this.gh

XIOC detected Domain: this.gh

extracted_from_files

Domain

detected Domain: t1.map

XIOC detected Domain: t1.map

extracted_from_files

Domain

detected Domain: t2.map

XIOC detected Domain: t2.map

extracted_from_files

Domain

detected Domain: passlok.weebly.com

XIOC detected Domain: passlok.weebly.com

extracted_from_files

Domain

detected Domain: www.weebly.com

XIOC detected Domain: www.weebly.com

extracted_from_files

Domain

detected Domain: id.map

XIOC detected Domain: id.map

extracted_from_files

Domain

detected Domain: idxl.map

XIOC detected Domain: idxl.map

extracted_from_files

Domain

detected Domain: pieroxy.net

XIOC detected Domain: pieroxy.net

extracted_from_files

Domain

detected Domain: object.prototype.hasownproperty.call

XIOC detected Domain: object.prototype.hasownproperty.call

extracted_from_files

Domain

detected Domain: array.prototype.slice.call

XIOC detected Domain: array.prototype.slice.call

extracted_from_files

Domain

detected Domain: hasownprop.call

XIOC detected Domain: hasownprop.call

extracted_from_files

Domain

detected Domain: a.constructor.name

XIOC detected Domain: a.constructor.name

extracted_from_files

Domain

detected Domain: sbox.map

XIOC detected Domain: sbox.map

extracted_from_files

Domain

detected Domain: t0.map

XIOC detected Domain: t0.map

extracted_from_files

Domain

detected Domain: www.apache.org

XIOC detected Domain: www.apache.org

extracted_from_files

Domain

detected Domain: frame.progressive

XIOC detected Domain: frame.progressive

extracted_from_files

Domain

detected Domain: xhr.open

XIOC detected Domain: xhr.open

extracted_from_files

Domain

detected Domain: www.bytestrom.eu

XIOC detected Domain: www.bytestrom.eu

extracted_from_files

Domain

detected Domain: www.owencampbellmoore.com

XIOC detected Domain: www.owencampbellmoore.com

extracted_from_files

Domain

detected Domain: image.data

XIOC detected Domain: image.data

extracted_from_files

Domain

detected Domain: www.wtfpl.net

XIOC detected Domain: www.wtfpl.net

extracted_from_files

Domain

detected Domain: trange.select

XIOC detected Domain: trange.select

extracted_from_files

Domain

detected Domain: xato.net

XIOC detected Domain: xato.net

extracted_from_files

Domain

detected Domain: imagedata.data

XIOC detected Domain: imagedata.data

extracted_from_files

detected Domain: snippetrepo.com

XIOC detected Domain: snippetrepo.com

extracted_from_files

Domain

detected Domain: date.now

XIOC detected Domain: date.now

extracted_from_files

Domain

detected Domain: www.irongeek.com

XIOC detected Domain: www.irongeek.com

extracted_from_files

Domain

detected Domain: burtleburtle.net

XIOC detected Domain: burtleburtle.net

extracted_from_files

Domain

detected Domain: a.download

XIOC detected Domain: a.download

extracted_from_files

Domain

detected Domain: a.style

XIOC detected Domain: a.style

extracted_from_files

Domain

detected Domain: a.click

XIOC detected Domain: a.click

extracted_from_files

Domain

detected Domain: lockscr.style.top

XIOC detected Domain: lockscr.style.top

extracted_from_files

Domain

detected Domain: range.select

XIOC detected Domain: range.select

extracted_from_files

Domain

detected Domain: window.open

XIOC detected Domain: window.open

extracted_from_files

detected Domain: javascripter.net

XIOC detected Domain: javascripter.net

extracted_from_files

Domain

detected Domain: jit.si

XIOC detected Domain: jit.si

extracted_from_files

Domain

detected Domain: object.prototype.tostring.call

XIOC detected Domain: object.prototype.tostring.call

extracted_from_files

Domain

detected Domain: chrome.storage

XIOC detected Domain: chrome.storage

extracted_from_files

Domain

detected Domain: filetoload.name

XIOC detected Domain: filetoload.name

extracted_from_files

Domain

detected Domain: filelink.download

XIOC detected Domain: filelink.download

extracted_from_files

Domain

detected Domain: ourcodeworld.com

XIOC detected Domain: ourcodeworld.com

extracted_from_files

Domain

detected Domain: noblepostquantum.ml

XIOC detected Domain: noblepostquantum.ml

extracted_from_files

Domain

detected Domain: hash.online-convert.com

XIOC detected Domain: hash.online-convert.com

extracted_from_files

Domain

detected Domain: prgomez.com

XIOC detected Domain: prgomez.com

extracted_from_files

Domain

detected Domain: fileformat.info

XIOC detected Domain: fileformat.info

extracted_from_files

Domain

detected Domain: www.xorbin.com

XIOC detected Domain: www.xorbin.com

extracted_from_files

Domain

detected Domain: gomez.com

XIOC detected Domain: gomez.com

extracted_from_files

Domain

detected Domain: gmail.com

XIOC detected Domain: gmail.com

extracted_from_files

Domain

detected Domain: jitsi.org

XIOC detected Domain: jitsi.org

extracted_from_files

Domain

detected Domain: www.w3.org

XIOC detected Domain: www.w3.org

extracted_from_files

Domain

detected Domain: github.com

XIOC detected Domain: github.com

extracted_from_files

Domain

detected Domain: www.youtube.com

XIOC detected Domain: www.youtube.com

extracted_from_files

Domain

detected Domain: passlok.com

XIOC detected Domain: passlok.com

extracted_from_files

Domain

detected Domain: paulmillr.com

XIOC detected Domain: paulmillr.com

extracted_from_files

Domain

detected Domain: tostring.call

XIOC detected Domain: tostring.call

extracted_from_files

URL

detected URL: https://html.spec.whatwg.org/multipage/dom.html#embedding-custom-non-visible-data-with-the-data-*-attributes)

XIOC detected URL: https://html.spec.whatwg.org/multipage/dom.html#embedding-custom-non-visible-data-with-the-data-*-attributes)

extracted_from_files

Security Analysis Summary

Security Analysis Overview

KyberLock is a Chrome Web Store extension published by [email protected]. Version 1.0.3 has been analyzed by the Risky Plugins security platform, receiving a risk score of 50.58/100 (MEDIUM risk) based on 259 security findings.

Risk Assessment

This extension presents moderate security risk. Several findings were detected that may warrant attention. Users should carefully review the permissions and findings before installation.

Findings Breakdown

High: 49 finding(s)
Medium: 210 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

Malware Detection: YARA rule matching against 2,400+ malware signatures
Secret Detection: Scanning for exposed API keys, tokens, and credentials
Static Analysis: Code-level security analysis for common vulnerability patterns
Network Analysis: Detection of suspicious network communications and endpoints
Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

KyberLock is published by [email protected] on the Chrome Web Store marketplace. The extension has approximately 9 users.

Recommendation

Exercise caution with this extension. Review the detailed findings and ensure the requested permissions align with the extension's stated functionality before installation.

Source Code Viewer

Source Code Not Available

Source code is not available for this version of the extension.

Frequently Asked Questions

Similar Extensions

Related extensions from the same publisher or marketplace

PassLok Universal

[email protected]

CRITICAL 77 users

PassLok for Email

[email protected]

CRITICAL 411 users

PassLok Privacy

[email protected]

CRITICAL 637 users

PassLok Image Steganography

[email protected]

HIGH 638 users

SeeOnce Privacy

[email protected]

HIGH 28 users

SynthPass

[email protected]

HIGH 41 users

Risk Assessment

Severity Breakdown

Finding Categories

YARA Rules Matched

Requested Permissions

About This Extension

Detailed Findings

NET-XMLHTTPREQUEST-js-opensrc/jsstegdecoder-1.0.js-527

YARA Rule Matches

postinstall obfuscation

postinstall file manipulation

postinstall crypto operations

postinstall file download

NoUseWeakRandom

postinstall network communication

postinstall system command

postinstall registry modification

postinstall persistence mechanism

Indicators of Compromise

All Indicators · 173

Security Analysis Summary

Security Analysis Overview

Risk Assessment

Findings Breakdown

What Was Analyzed

Developer Information

Recommendation

Frequently Asked Questions

Similar Extensions

PassLok Universal

PassLok for Email

PassLok Privacy

PassLok Image Steganography

SeeOnce Privacy

SynthPass