https://github.com/iam-py-test/mv3-malware
A Manifest-V3 complient browser extension which does bad things
https://github.com/iam-py-test/mv3-malware
Last synced: about 1 month ago
JSON representation
A Manifest-V3 complient browser extension which does bad things
- Host: GitHub
- URL: https://github.com/iam-py-test/mv3-malware
- Owner: iam-py-test
- License: cc0-1.0
- Created: 2022-09-26T20:58:29.000Z (about 3 years ago)
- Default Branch: main
- Last Pushed: 2023-02-22T12:59:16.000Z (almost 3 years ago)
- Last Synced: 2025-02-24T13:32:37.930Z (10 months ago)
- Language: HTML
- Size: 13.7 KB
- Stars: 3
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# MV3 malware
A Manifest-V3 complient browser extension which does bad things
## What is this?
This is a proof-of-concept of how easy it is to write malware which works even with the restrictions in Manifest V3, and more specifically, the declarativeNetRequest API
## What will this do to my browser?
This extension should do only two things:
- Block all requests to iam-py-test.github.io/mv3-malware/legit.html
This means that if you try to access this test page, you will get this error:
- Redirect example.com to iam-py-test.github.io
If you try to load example.com, you will be redirected to a page explaining this extension.
**To undo these changes, simply uninstall the extension**. I do not intend this extension to be real malware, so it should not harm your device.
## Ok, what does this prove?
Just that MV3 extensions can still preform "malicious" actions using declarativeNetRequest (for example, an extension could block websites related to security software or redirect search engines to an adware page). Of course, this is [all in the documentation](https://developer.chrome.com/docs/extensions/reference/declarativeNetRequest/), so really this "proves" nothing.