Is "CO2 meter extension" on Chrome Web Store Safe to Install?

[email protected] · chrome · v1.0

The extension is basic that used to show the co2 meter status by the extension Demonstrates using WebHID to connect to a CO2 meter.

Risk Assessment

Analyzed
37.23
out of 100
LOW

31 security findings detected across all analyzers

Severity Breakdown

0
Critical
10
High
21
Medium
0
Low
0
Info

Finding Categories

10
Malware Signatures
21
IoC Indicators

YARA Rules Matched

3 rules(10 hits)
postinstall file manipulation postinstall network communication postinstall crypto operations

About This Extension

The extension is basic that used to show the co2 meter status by the extension Demonstrates using WebHID to connect to a CO2 meter.

Detailed Findings

10 total

YARA Rule Matches

3 rules

Indicators of Compromise

Network indicators, suspicious strings, and potential IoCs extracted during analysis

URLs
8
Domains
12
Strings
21

All Indicators · 21

Domain
detected Domain: developer.chrome.com

XIOC detected Domain: developer.chrome.com

extracted_from_files

URL
detected URL: https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/public/mojom/service_worker/service_worker.mojom;l=150;drc=ff468ef351dc107e9bb92635914e3908d763cf29)

XIOC detected URL: https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/public/mojom/service_worker/service_worker.mojom;l=150;drc=ff468ef351dc107e9bb92635914e3908d763cf29)

extracted_from_files

URL
detected URL: http://crbug.com/1446487)

XIOC detected URL: http://crbug.com/1446487)

extracted_from_files

URL
detected URL: https://www.apache.org/licenses/LICENSE-2.0

XIOC detected URL: https://www.apache.org/licenses/LICENSE-2.0

extracted_from_files

URL
detected URL: https://clients2.google.com/service/update2/crx

XIOC detected URL: https://clients2.google.com/service/update2/crx

extracted_from_files

URL
detected URL: https://www.co2meter.com/products/co2mini-co2-indoor-air-quality-monitor

XIOC detected URL: https://www.co2meter.com/products/co2mini-co2-indoor-air-quality-monitor

extracted_from_files

Hash
detected SHA1 Hash: ff468ef351dc107e9bb92635914e3908d763cf29

XIOC detected SHA1 Hash: ff468ef351dc107e9bb92635914e3908d763cf29

extracted_from_files

Domain
detected Domain: clients2.google.com

XIOC detected Domain: clients2.google.com

extracted_from_files

Domain
detected Domain: this.co

XIOC detected Domain: this.co

extracted_from_files

Domain
detected Domain: this.device.open

XIOC detected Domain: this.device.open

extracted_from_files

Domain
detected Domain: window.open

XIOC detected Domain: window.open

extracted_from_files

URL
detected URL: https://developer.chrome.com/en/articles/hid/)

XIOC detected URL: https://developer.chrome.com/en/articles/hid/)

extracted_from_files

URL
detected URL: https://developer.chrome.com/docs/extensions/mv3/getstarted/development-basics/#load-unpacked).

XIOC detected URL: https://developer.chrome.com/docs/extensions/mv3/getstarted/development-basics/#load-unpacked).

extracted_from_files

URL
detected URL: https://www.co2meter.com/products/co2mini-co2-indoor-air-quality-monitor)

XIOC detected URL: https://www.co2meter.com/products/co2mini-co2-indoor-air-quality-monitor)

extracted_from_files

Domain
detected Domain: www.co2meter.com

XIOC detected Domain: www.co2meter.com

extracted_from_files

Domain
detected Domain: source.chromium.org

XIOC detected Domain: source.chromium.org

extracted_from_files

Domain
detected Domain: crbug.com

XIOC detected Domain: crbug.com

extracted_from_files

Domain
detected Domain: co2meter.com

XIOC detected Domain: co2meter.com

extracted_from_files

Domain
detected Domain: www.apache.org

XIOC detected Domain: www.apache.org

extracted_from_files

Domain
detected Domain: msg.data

XIOC detected Domain: msg.data

extracted_from_files

Domain
detected Domain: nodevicedialog.open

XIOC detected Domain: nodevicedialog.open

extracted_from_files

Security Analysis Summary

Security Analysis Overview

CO2 meter extension is a Chrome Web Store extension published by [email protected]. Version 1.0 has been analyzed by the Risky Plugins security platform, receiving a risk score of 37.23/100 (LOW risk) based on 31 security findings.

Risk Assessment

This extension presents low security risk. Some minor findings were detected, but nothing that would prevent typical usage. Reviewing the detailed findings below is recommended before use in sensitive environments.

Findings Breakdown

  • High: 10 finding(s)
  • Medium: 21 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

  • Malware Detection: YARA rule matching against 2,400+ malware signatures
  • Secret Detection: Scanning for exposed API keys, tokens, and credentials
  • Static Analysis: Code-level security analysis for common vulnerability patterns
  • Network Analysis: Detection of suspicious network communications and endpoints
  • Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

CO2 meter extension is published by [email protected] on the Chrome Web Store marketplace. The extension has approximately 1 users.

Recommendation

Exercise caution with this extension. Review the detailed findings and ensure the requested permissions align with the extension's stated functionality before installation.

Frequently Asked Questions

Similar Extensions

Related extensions from the same publisher or marketplace

My Bookmarks hero

[email protected]

CRITICAL

Granairsolutions theme

[email protected]

HIGH

Pantone Color of The Year 2024

[email protected]

HIGH 1 users

Dj Station 4K

[email protected]

HIGH 92 users

butterfly

[email protected]

HIGH 3 users

Peoples with mask Theme

[email protected]

HIGH