Touchen Pc보안 확장
🔍 Security Report Available View on Chrome Web StoreChrome will indicate if you already have this installed.
Overview
인터넷 상에서 발생하는 개인정보보호를 안전하게 보호하고, 중요 금융거래 및 서비스의 안전한 사용을 제공하기 위한 확장 프로그램.
다음의 보안기능을 제공하기 위한 통합 확장 기능 제공
- 중요 입력 정보 보호 : PC 키보드를 통해 입력하는 중요정보를 외부의 위협으로 부터 안전하게 보호하고 전송하는 보안 프로그램
- 온라인 방화벽 : 외부의 위협으로 부터 PC를 안전하게 보호하는 온라인 방화벽 기능 및 악성코드 탐지 및 치료를 진행하는 백신 프로그램
- 인증서 관리 : PC에 저장된 공인인증서를 모바일 기기로 원격이동하는 관리 프로그램
- 웹 컨텐츠 보호 : 웹 페이지에 대한 화면 캡쳐,복사,붙여넣기,인쇄,소스보기 등을 차
단하여 웹페이지의 컨텐츠를 보호하기 위한 프로그램
Tags
Privacy Practices
Security Analysis — Touchen Pc보안 확장
Permissions
Code Patterns Detected
Package Contents 8 files · 38KB
What This Extension Does
Touchen Pc보안 확장 (PC Security Extension) is a browser extension that provides PC security features, including input information protection, online firewall, certificate management, and web content protection. It aims to protect users' personal data and ensure secure financial transactions. This extension is suitable for productivity and developer categories.
Permissions Explained
- nativeMessagingcheck this: This permission allows the extension to communicate with native applications on your device, which can access sensitive information.
Technical: Native messaging enables the extension to interact with Chrome's native APIs, potentially exposing user data and system resources. Attack surface: high. ⚠ 1 - scriptingexpected: This permission allows the extension to run scripts on web pages you visit.
Technical: Scripting enables the extension to execute JavaScript code, potentially accessing page content and user data. Attack surface: medium. - *://*/*check this: This permission allows the extension to access all web pages you visit.
Technical: Universal permission enables the extension to intercept and manipulate HTTP requests, potentially exposing user data and compromising security. Attack surface: critical. ⚠ 1
Your Data
The extension accesses sensitive information such as input data, certificate details, and web page content. It sends this data to unknown domains for processing and storage.
Technical Details
Code Findings
This behavior can be a sign of malicious activity, as it allows the extension to inject arbitrary code into web pages.
Technical: Code pattern: document.createElement('script'). File location: background.js. Risk vector: injection of malicious scripts. Exploit scenario: user data exposure through injected scripts.
💡 Legitimate extensions may use this technique for content script injection, but it's essential to ensure the extension's code is trustworthy and aligned with its stated purpose.
This behavior allows the extension to communicate with other web pages or extensions, potentially exposing user data.
Technical: Code pattern: window.postMessage(). File location: contentScript.js. Risk vector: unauthorized data exchange. Exploit scenario: user data exposure through cross-origin communication.
💡 Legitimate extensions may use this technique for legitimate purposes, such as sharing data between web pages or extensions.
This behavior allows the extension to monitor user interactions and respond accordingly.
Technical: Code pattern: document.addEventListener(). File location: background.js. Risk vector: potential for malicious activity, such as tracking or profiling. Exploit scenario: user data exposure through event listener manipulation.
💡 Legitimate extensions may use this technique to provide features like auto-fill or password management.
Based on the findings, we recommend exercising caution when using Touchen Pc보안 확장. The extension's permissions and code behavior raise concerns about data exposure and potential malicious activity. Users should carefully review their browser settings and consider alternative security solutions to ensure their online safety.
