Jollychic Coupon
🔍 Security Report Available View on Chrome Web StoreChrome will indicate if you already have this installed.
Overview
كوبون جولي شيك أحصل على قسيمة خصم مقدم من جولي شيك على جميع المنتجات المعروضة في الموقع
$10 off with a JollyChic.com promo code or coupon.
جولي شيك موقع صيني يوفر جميع انواع الملابس- احذيه - شنط - اكسسوارات بجوده ممتازه
وطبعا زي ماقلت لكم قد ما اقدر احاول اتعامل مع مواقع موثوقه و سهل التعامل معها وبالاخص ف الشحن
الحلو فيه يشحن دايركت للسعوديه & يشحن مجانا اذا صارت مشترياتك ٩٩$ تقريبا ٤٠٠ ريال
Get 40% Off JollyChic coupon & coupon in January 2018. 8 JollyChic New Years Sale promo code now on PromoPro. Today's top JollyChic .
Retailing and wholesaling high fashion high quality clothing, JollyChic.com is the place to stop to get trendy threads while still saving. The business has established connections with reputable producers and sources of clothes from China, in addition to various foreign import and export companies that help to keep costs low for you, their valued customer. Find all of the hottest items at the lowest prices…why would you shop anywhere else? Now with our featured coupons and discounts, there has never been a better reason to start making JollyChic.com your clothing store of choice! Check out our deal of the day, $10 off $99+.
Tags
Security Analysis — Jollychic Coupon
Permissions
Code Patterns Detected
External Connections
Package Contents 63 files · 1.9MB
What This Extension Does
The 'Jollychic Coupon' extension is a shopping utility designed to provide discount codes for JollyChic.com, a Chinese fashion retailer. It aims to help users save money on clothing and accessories by injecting promo codes or modifying page content during checkout. However, the extension requests an unusually broad set of permissions that far exceed its stated purpose of coupon distribution.
Permissions Explained
- webviewcheck this: This permission allows the extension to create embedded browser windows (like a mini-browser) within other apps or pages, which is unnecessary for a simple coupon tool.
Technical: Enables creation of <iframe> elements with specific attributes. If compromised, an attacker could render malicious content in a sandboxed environment that bypasses some same-origin policy restrictions. ⚠ High: A coupon extension has no legitimate need to spawn webviews. - powercheck this: This grants the ability to control system power settings, such as putting the computer to sleep or waking it up.
Technical: Accesses chrome.system.power APIs. This is a high-risk permission that allows an extension to interfere with device stability and potentially drain battery life or disrupt scheduled tasks. ⚠ Critical: Absolutely no shopping coupon tool requires control over system power states. - storageexpected: Allows the extension to save small amounts of data (like settings or saved coupons) on your device.
Technical: Accesses chrome.storage.sync and chrome.storage.local. If compromised, attackers can read/write user preferences, session tokens stored locally, or inject persistent scripts into the browser profile. ⚠ Medium: While necessary for saving coupons, combined with other permissions, it increases the attack surface if the extension is hijacked. - videoCapturecheck this: Enables the extension to access your webcam and microphone.
Technical: Accesses chrome.mediaDevices.getVideoDevices. This allows capturing video streams, which could be used for surveillance or screen recording if the extension is malicious. ⚠ High: A coupon finder has zero need to access your camera. - geolocationcheck this: Allows the extension to know your physical location based on your IP address or GPS.
Technical: Accesses chrome.geolocation API. This data can be used for targeted advertising, tracking user movement patterns, or correlating browsing habits with physical locations. ⚠ Medium: Location is not required to display a discount code on a website. - pointerLockcheck this: Allows the extension to hide your mouse cursor and capture all mouse movements.
Technical: Accesses chrome.pointerLock. This can be abused to create 'mouse jacking' attacks, where an attacker moves your cursor without permission or captures keystrokes while you are unaware. ⚠ High: Extremely dangerous for a shopping extension; indicates potential keylogging capability. - system.displaycheck this: Grants the ability to control your screen brightness and display settings.
Technical: Accesses chrome.system.display APIs. This could be used to dim screens to hide activity or manipulate visual output, though less common for data theft. ⚠ Medium: Unrelated to coupon functionality; suggests capability to interfere with user interface. - accessibilityFeatures.readcheck this: Allows the extension to read accessibility settings on your computer.
Technical: Accesses chrome.accessibilitySettings. This is often a precursor to injecting scripts that rely on screen readers or assistive technologies, potentially bypassing security checks. ⚠ Medium: Unnecessary for coupon display; indicates potential for accessibility-based injection attacks. - accessibilityFeatures.modifycheck this: Allows the extension to change your computer's accessibility settings.
Technical: Accesses chrome.accessibilitySettings. Modifying these settings can alter how the browser renders content, potentially hiding malicious overlays or changing focus management. ⚠ High: Allows manipulation of the user interface to hide malicious behavior.
Your Data
The extension communicates with a wide array of external domains including Google services, GitHub, and various CDN hosts. While it does not appear to exfiltrate sensitive data directly in its network log, the combination of permissions (especially storage and pointerLock) creates a significant risk that your browsing habits, saved coupons, or even input data could be intercepted if the extension is compromised.
Technical Details
Code Findings
This extension asks for control over your camera, location, mouse cursor, and system power settings just to show you a discount code. This is highly suspicious behavior.
Technical: The manifest requests 'webview', 'power', 'videoCapture', 'geolocation', 'pointerLock', 'system.display', and 'accessibilityFeatures'. These permissions are typically reserved for complex productivity or system management tools, not simple coupon injectors.
💡 None. A legitimate coupon extension only needs 'activeTab' (to read the page) and 'storage' (to save codes).
The code uses methods that could accidentally insert harmful scripts into the websites you visit, potentially stealing your login information or showing fake ads.
Technical: Analysis of 'Code Behavior' shows '[medium] innerHTML assignment — potential XSS vector'. This pattern involves directly assigning user-controlled strings to DOM elements. If the extension fetches data from an untrusted source (like a coupon list) and injects it without sanitization, it creates a Cross-Site Scripting vulnerability.
💡 Extensions often need to modify page content to apply coupons or hide ads, but they must use safe DOM manipulation methods like textContent or properly sanitized templates.
The extension uses tricks to hide its code, making it harder for you to see what it is actually doing.
Technical: Analysis shows '[medium] String.fromCharCode (obfuscation)' and '[medium] charCodeAt (obfuscation)'. These are standard techniques used to encode strings so that the raw text is not visible in the source code, often used to hide malicious payloads or bypass simple static analysis.
💡 Sometimes used to protect proprietary algorithms, but rarely necessary for a public coupon extension.
The extension does not have safety rules to prevent hackers from injecting bad code into the websites you use.
Technical: Technical details state 'Content Security Policy: not set'. Without a CSP, the browser allows scripts from any source to run if injected. This is particularly dangerous given the 'innerHTML' finding.
💡 Extensions often omit CSPs for simplicity or because they modify page content dynamically, but this is a security best practice violation.
This extension presents a high security risk due to its request for dangerous system-level permissions (camera, power, mouse control) that are completely unrelated to displaying discount codes. The code analysis reveals obfuscation techniques and potential XSS vulnerabilities, suggesting the developer may be hiding malicious behavior. We strongly recommend uninstalling this extension immediately and avoiding any site that has installed it.
