Is "PassLok Image Steganography" on Chrome Web Store Safe to Install?
Steganography is the art of hiding secrets in plain sight. This app implements an improved version of A. Westfeld's F5 algorithm in order to embed text and other data into images without leaving any traces that might be detected, as presented before experts at the ForenSecure 2017 conference. It is the same stego algorithm implemented in PassLok Privacy, PassLok for Email, and URSA, also available in this store, but its output is not compatible with those because this app does not include the same encryption engine. Processing is done completely within your browser, without contacting any outside machine or website. You can use the app with your network turned off, if you feel paranoid. Because it is an extension, the other extensions and addons installed on your browser are prevented from seeing what this app is doing. This includes any password managers you may have installed. The images can be saved in the popular JPG format, or in PNG format, which can contain more hidden data. Then you can send them by email or upload it to a sharing site so your friends can get it. This can be very useful if you are under surveillance of live under a repressive regime. Please refrain from using the app if your intent is to engage in illegal activity. For greatly enhanced security, please use a Password that you share with your friends. If no Password is used, anyone who has this app will be able to extract the data. Without knowing the Password, it will be very difficult even to know that there is anything hidden. There is a Help screen that tells you how to use the app step by step, always just one click away. For the super-paranoid, the app can hide a short second message, which requires a separate Password. It can only be retrieved if both Passwords are correct. Details are in the Help screen. This is the process to hide data in an image: 1. Type, paste, or use the toolbar buttons to load text or data into the main box. 2. Load a cover image by clicking the "Load cover image" button. 3. Type a Password in the small box (you can omit it, but we strongly recommend that you don't). 4. Make sure the "Compress" and "Smart Pwd." options are selected the way you want them. 5. Click either the "Hide into PNG" or the "Hide into JPG" button. 6. When the process is complete, right-click the image and select "save image as..." in order to save it locally. To reveal the hidden data: 1. Load the image by clicking the "Load cover image" button. 2. Type the Password, if any, in the small box. Must the the same one used for hiding the data. 3. Set the "Compress" and "Smart Pwd." options the same way they were set when the data was hidden. 4. Click the "Reveal" button. If successful the hidden data will appear in the main box.
Risk Assessment
Analyzed123 security findings detected across all analyzers
Severity Breakdown
Finding Categories
YARA Rules Matched
9 rules(37 hits)About This Extension
Detailed Findings
38 totalYARA Rule Matches
9 rulesIndicators of Compromise
Network indicators, suspicious strings, and potential IoCs extracted during analysis
All Indicators · 82
detected Domain: www.7-zip.org XIOC detected Domain: www.7-zip.org
extracted_from_files
detected URL: https://www.w3.org/TR/xhtml1/normative.html#strict) XIOC detected URL: https://www.w3.org/TR/xhtml1/normative.html#strict)
extracted_from_files
detected URL: http://www.w3.org/1999/xhtml XIOC detected URL: http://www.w3.org/1999/xhtml
extracted_from_files
detected URL: https://html.spec.whatwg.org/multipage/dom.html#embedding-custom-non-visible-data-with-the-data-*-attributes) XIOC detected URL: https://html.spec.whatwg.org/multipage/dom.html#embedding-custom-non-visible-data-with-the-data-*-attributes)
extracted_from_files
detected URL: https://html.spec.whatwg.org/multipage/infrastructure.html#xml-compatible XIOC detected URL: https://html.spec.whatwg.org/multipage/infrastructure.html#xml-compatible
extracted_from_files
detected URL: http://www.w3.org/TR/xml/#d0e804) XIOC detected URL: http://www.w3.org/TR/xml/#d0e804)
extracted_from_files
detected URL: https://github.com/sindresorhus/validate-element-name XIOC detected URL: https://github.com/sindresorhus/validate-element-name
extracted_from_files
detected URL: https://clients2.google.com/service/update2/crx XIOC detected URL: https://clients2.google.com/service/update2/crx
extracted_from_files
detected URL: https://passlok.com/stego/index.html XIOC detected URL: https://passlok.com/stego/index.html
extracted_from_files
detected URL: http://www.wtfpl.net/ XIOC detected URL: http://www.wtfpl.net/
extracted_from_files
detected URL: http://pieroxy.net/blog/pages/lz-string/testing.html XIOC detected URL: http://pieroxy.net/blog/pages/lz-string/testing.html
extracted_from_files
detected URL: http://w3c.github.io/webcomponents/spec/custom/#creating-and-passing-registries) XIOC detected URL: http://w3c.github.io/webcomponents/spec/custom/#creating-and-passing-registries)
extracted_from_files
detected URL: http://www.w3.org/1998/Math/MathML'; XIOC detected URL: http://www.w3.org/1998/Math/MathML';
extracted_from_files
detected URL: http://www.w3.org/2000/svg'; XIOC detected URL: http://www.w3.org/2000/svg';
extracted_from_files
detected URL: http://www.w3.org/1999/xhtml'; XIOC detected URL: http://www.w3.org/1999/xhtml';
extracted_from_files
detected URL: http://burtleburtle.net/bob/rand/isaac.html XIOC detected URL: http://burtleburtle.net/bob/rand/isaac.html
extracted_from_files
detected URL: http://burtleburtle.net/bob/rand/isaacafa.html XIOC detected URL: http://burtleburtle.net/bob/rand/isaacafa.html
extracted_from_files
detected URL: http://www.apache.org/licenses/LICENSE-2.0 XIOC detected URL: http://www.apache.org/licenses/LICENSE-2.0
extracted_from_files
detected URL: https://github.com/fruiz500/whisehash XIOC detected URL: https://github.com/fruiz500/whisehash
extracted_from_files
detected URL: https://github.com/fruiz500/passlok-stego XIOC detected URL: https://github.com/fruiz500/passlok-stego
extracted_from_files
detected URL: https://xato.net/passwords/more-top-worst-passwords, XIOC detected URL: https://xato.net/passwords/more-top-worst-passwords,
extracted_from_files
detected Domain: www.owencampbellmoore.com XIOC detected Domain: www.owencampbellmoore.com
extracted_from_files
detected URL: https://passlok.com XIOC detected URL: https://passlok.com
extracted_from_files
detected URL: https://passlok.com/app XIOC detected URL: https://passlok.com/app
extracted_from_files
detected URL: https://chrome.google.com/webstore/detail/passlok-for-email/ehakihemolfjgbbfhkbjgahppbhecclh XIOC detected URL: https://chrome.google.com/webstore/detail/passlok-for-email/ehakihemolfjgbbfhkbjgahppbhecclh
extracted_from_files
detected URL: https://addons.mozilla.org/en-US/firefox/addon/passlok-for-email/ XIOC detected URL: https://addons.mozilla.org/en-US/firefox/addon/passlok-for-email/
extracted_from_files
detected URL: http://www.7-zip.org/ XIOC detected URL: http://www.7-zip.org/
extracted_from_files
detected URL: http://www.kekaosx.com/ XIOC detected URL: http://www.kekaosx.com/
extracted_from_files
detected URL: https://github.com/pieroxy/lz-string XIOC detected URL: https://github.com/pieroxy/lz-string
extracted_from_files
detected URL: https://github.com/owencm/js-steg. XIOC detected URL: https://github.com/owencm/js-steg.
extracted_from_files
detected URL: https://github.com/rubycon/isaac.js/blob/master/isaac.js-- XIOC detected URL: https://github.com/rubycon/isaac.js/blob/master/isaac.js--
extracted_from_files
detected URL: https://github.com/pieroxy/lz-string-- XIOC detected URL: https://github.com/pieroxy/lz-string--
extracted_from_files
detected URL: https://github.com/cure53/DOMPurify-- XIOC detected URL: https://github.com/cure53/DOMPurify--
extracted_from_files
detected Domain: clients2.google.com XIOC detected Domain: clients2.google.com
extracted_from_files
detected URL: https://github.com/fruiz500/passlok XIOC detected URL: https://github.com/fruiz500/passlok
extracted_from_files
detected URL: https://passlok.com/stego XIOC detected URL: https://passlok.com/stego
extracted_from_files
detected URL: https://www2.htw-dresden.de/~westfeld/publikationen/21370289.pdf, XIOC detected URL: https://www2.htw-dresden.de/~westfeld/publikationen/21370289.pdf,
extracted_from_files
detected URL: https://github.com/owencm/js-steg XIOC detected URL: https://github.com/owencm/js-steg
extracted_from_files
detected URL: https://github.com/rubycon/isaac.js/blob/master/isaac.js XIOC detected URL: https://github.com/rubycon/isaac.js/blob/master/isaac.js
extracted_from_files
detected Domain: nodefilter.show XIOC detected Domain: nodefilter.show
extracted_from_files
detected Domain: hook.call XIOC detected Domain: hook.call
extracted_from_files
detected Domain: attr.name XIOC detected Domain: attr.name
extracted_from_files
detected Domain: createdocumentfragment.call XIOC detected Domain: createdocumentfragment.call
extracted_from_files
detected Domain: importnode.call XIOC detected Domain: importnode.call
extracted_from_files
detected Domain: body.ownerdocument.doctype.name XIOC detected Domain: body.ownerdocument.doctype.name
extracted_from_files
detected Domain: purify.js.map XIOC detected Domain: purify.js.map
extracted_from_files
detected Domain: o.constructor.name XIOC detected Domain: o.constructor.name
extracted_from_files
detected Domain: it.call XIOC detected Domain: it.call
extracted_from_files
detected Domain: it.next XIOC detected Domain: it.next
extracted_from_files
detected Domain: cfg.safe XIOC detected Domain: cfg.safe
extracted_from_files
detected Domain: cfg.in XIOC detected Domain: cfg.in
extracted_from_files
detected Domain: getelementsbytagname.call XIOC detected Domain: getelementsbytagname.call
extracted_from_files
detected Domain: createnodeiterator.call XIOC detected Domain: createnodeiterator.call
extracted_from_files
detected Domain: object.prototype.hasownproperty.call XIOC detected Domain: object.prototype.hasownproperty.call
extracted_from_files
detected Domain: w3c.github.io XIOC detected Domain: w3c.github.io
extracted_from_files
detected Domain: html.spec.whatwg.org XIOC detected Domain: html.spec.whatwg.org
extracted_from_files
detected Domain: boolean.prototype.valueof.call XIOC detected Domain: boolean.prototype.valueof.call
extracted_from_files
detected Domain: i.call XIOC detected Domain: i.call
extracted_from_files
detected Domain: i.next XIOC detected Domain: i.next
extracted_from_files
detected Domain: object.prototype.tostring.call XIOC detected Domain: object.prototype.tostring.call
extracted_from_files
detected URL: https://github.com/first20hours/google-10000-english. XIOC detected URL: https://github.com/first20hours/google-10000-english.
extracted_from_files
detected Domain: image.data XIOC detected Domain: image.data
extracted_from_files
detected Domain: filetoload.name XIOC detected Domain: filetoload.name
extracted_from_files
detected Domain: this.id XIOC detected Domain: this.id
extracted_from_files
detected Domain: xato.net XIOC detected Domain: xato.net
extracted_from_files
detected Domain: www.wtfpl.net XIOC detected Domain: www.wtfpl.net
extracted_from_files
detected Domain: pieroxy.net XIOC detected Domain: pieroxy.net
extracted_from_files
detected Domain: www.kekaosx.com XIOC detected Domain: www.kekaosx.com
extracted_from_files
detected Domain: burtleburtle.net XIOC detected Domain: burtleburtle.net
extracted_from_files
detected Domain: www.apache.org XIOC detected Domain: www.apache.org
extracted_from_files
detected Domain: frame.progressive XIOC detected Domain: frame.progressive
extracted_from_files
detected Domain: xhr.open XIOC detected Domain: xhr.open
extracted_from_files
detected Domain: imagedata.data XIOC detected Domain: imagedata.data
extracted_from_files
detected Domain: www.bytestrom.eu XIOC detected Domain: www.bytestrom.eu
extracted_from_files
detected Domain: github.com XIOC detected Domain: github.com
extracted_from_files
detected Domain: passlok.com XIOC detected Domain: passlok.com
extracted_from_files
detected Domain: www2.htw-dresden.de XIOC detected Domain: www2.htw-dresden.de
extracted_from_files
detected Domain: www.w3.org XIOC detected Domain: www.w3.org
extracted_from_files
detected Domain: chrome.google.com XIOC detected Domain: chrome.google.com
extracted_from_files
detected Domain: addons.mozilla.org XIOC detected Domain: addons.mozilla.org
extracted_from_files
detected IP: 4.2.10.2 XIOC detected IP: 4.2.10.2
extracted_from_files
Security Analysis Summary
Security Analysis Overview
PassLok Image Steganography is a Chrome Web Store extension published by [email protected]. Version 1.0.4 has been analyzed by the Risky Plugins security platform, receiving a risk score of 49.32/100 (MEDIUM risk) based on 123 security findings.
Risk Assessment
This extension presents moderate security risk. Several findings were detected that may warrant attention. Users should carefully review the permissions and findings before installation.
Findings Breakdown
- High: 37 finding(s)
- Medium: 86 finding(s)
What Was Analyzed
The security assessment covers multiple analysis categories:
- Malware Detection: YARA rule matching against 2,400+ malware signatures
- Secret Detection: Scanning for exposed API keys, tokens, and credentials
- Static Analysis: Code-level security analysis for common vulnerability patterns
- Network Analysis: Detection of suspicious network communications and endpoints
- Obfuscation Detection: Identification of code obfuscation techniques
Developer Information
PassLok Image Steganography is published by [email protected] on the Chrome Web Store marketplace. The extension has approximately 638 users.
Recommendation
Exercise caution with this extension. Review the detailed findings and ensure the requested permissions align with the extension's stated functionality before installation.
Source Code Not Available
Source code is not available for this version of the extension.
Frequently Asked Questions
Similar Extensions
Related extensions from the same publisher or marketplace