IMTMeet

IMTMeet

ID: opbjlkgdnhjoljkfeokhnjmnlkoekjkf

Supported Languages

🇪🇸Spanish

Extension Info & Metadata

Status
Active
Version
3.9
Size
0.07 MB
Rating
0.0/5
Reviews
0
Users
4
Type
Extension
Updated
Jun 30, 2026
Category
Productivity Workflow
Price
Free
Featured
No
Visibility
Listed
Mature
No
By Google
No
Trusted
Yes

Publisher Contextual Analysis

Author
IMTLazarusView Profile
Country
ES
MX records exist
Yes
Domain exists
Yes
Is disposable
No
Is role-based
No
Mailbox exists
Yes
Address
Arteagabeitia, 41 Barakaldo, Vizcaya 48902 ES
Website
Visit
Total Extensions
9
Active
5
Obsolete
4
Listed
8
Unlisted
1
Total Users
55,138

Graba tu sala de trabajo en Meet y la sube directo a Google Drive.

Item
Type
Severity
Description
*://*/*
Permission
Critical
This permission grants access to all websites without restriction. Rated High because it can access any web content, monitor all web activity, and potentially steal sensitive data across all sites.
<all_urls>
Permission
Critical
This permission grants access to all websites without restriction. Rated High because it can access any web content, monitor all web activity, and potentially steal sensitive data across all sites.
webRequest
Permission
Critical
This permission enables the extension to monitor and analyze all web requests made by the browser. Rated Critical because it can observe all network traffic including sensitive data, track browsing behavior, and gather authentication tokens.
webRequestBlocking
Permission
Critical
This permission allows the extension to intercept, modify, or block any web request in real-time before it reaches its destination. Rated Critical because it can modify sensitive data (like passwords, credit cards) before encryption, redirect traffic to malicious sites, or block security updates.
Dangerous Permission Combination
Risk Factor
Critical
This extension can intercept, modify, and block web requests in real-time.
webNavigation
Permission
High
This permission enables monitoring of all browser navigation events and transitions. Rated High because it can track every page visit, navigation method, and browsing pattern, potentially exposing sensitive browsing behavior and user activities.
identity
Permission
High
This permission accesses Chrome identity service and user information. Rated High because it can obtain OAuth tokens, access connected accounts, and impersonate the user in authenticated service.
desktopCapture
Permission
High
This permission captures content from your desktop screens. Rated High because it can record sensitive information from any window, capture passwords, and monitor user activity.
identity.email
Permission
High
This permission directly accesses the user's email address. Rated High because it reveals personally identifiable information and can be used for tracking or targeting.
Contextual Risk Factors
Risk Factor
High
The following context increases the overall risk:• 15% increase: Older manifest version lacks modern security controls
tabs
Permission
Medium
This permission enables tab management and monitoring. Rated Medium because it can track open tabs, access tab metadata, and monitor user browsing patterns.
storage
Permission
Medium
This permission allows storing data locally in the browser. Rated Medium because it can persist sensitive user data, track user activities over time, and potentially store malicious payloads.
management
Permission
Medium
This permission manages other installed extensions. Rated Medium because it can enable/disable other extensions and modify their settings, with changes being visible to users.
Older Manifest Version
Risk Factor
Medium
This extension uses Manifest Version 2

The Chrome Web Store listing describes this extension as a Google Meet session recorder that uploads to Google Drive (productivity use case), but the manifest internally identifies it as a 'remote filtering agent' and every JS file implements continuous screenshot exfiltration, full web-request interception, and remote command execution — none of which match the disclosed listing purpose. This deliberate mismatch hides the extension's surveillance function from users who would install a perceived screen-recording tool, and is consistent with the policy_violation reason cited for CWS removal.

manifest.json (Line 7)
{  "description": "IMTLazarus's remote filtering agent for Chrome."}

The extension establishes an unencrypted WebSocket connection to a raw IP address (137.74.170.11:8123) that is unrelated to the publisher's declared domain (imtlazarus.com). Messages received from this third-party server directly control the extension's lifecycle: if the server does not respond with 'TUNELUP', the extension calls chrome.runtime.reload(). This gives an external, non-publisher-associated server the ability to trigger extension restarts, and the unencrypted channel could be intercepted or spoofed.

js/control.js (Line 14)
ws = new WebSocket('ws://137.74.170.11:8123');ws.onmessage = function(event) {  estadotunelinternet = event.data;  //console.log('Túnel Estado: ' + event.data);}}...function recarga() {  console.log('Internet Estado: ' + estadotunelinternet);  if (estadotunelinternet == "TUNELUP") {    continuar();  } else {    chrome.runtime.reload();  }}

By severity

Critical0
High1
Medium1
Low0

Versions scanned

Showing 1 of 3 scanned versions with more than one unique finding. Counts are unique findings that include each version.

Extension VersionCode Review Findings
3.92

Files with findings

2 distinct paths — top paths by unique finding count:

  • js/control.js1
  • manifest.json1
S.No.
Category
Severity
File
Summary
Found in Version
1Other
high
manifest.json (line 7)The Chrome Web Store listing describes this extension as a Google Meet session recorder that uploads to Google Drive (productivity use case), but the manifest internally identifies it as a 'remote filtering agent' and…
2Other
medium
js/control.js (line 14)The extension establishes an unencrypted WebSocket connection to a raw IP address (137.74.170.11:8123) that is unrelated to the publisher's declared domain (imtlazarus.com). Messages received from this third-party ser…
URLs
3
IPv4
1
IPv6
0

URLs

View the external URLs this extension communicates with to understand its network activity and data interactions.

Gain full insight into all external connections.

Upgrade for full visibility.

www.imtlazarus.com-http://www.imtlazarus.com
imtlazarus.com-http://imtlazarus.com
clients2.google.com/service/update2/crxhttps://clients2.google.com/service/update2/crx

Gain full insight into all external connections.

Upgrade for full visibility.

137.74.170.11
IPv4
-
Showing 1 to 3 of 10 rows
Rows per page:

Code Diff

Compare extension code between any two versions.

0 changed files (scanned top 25 shared text files)

No comparable text files found between these versions.

Browse and explore files within this extension package

Gain full insight into all external connections.

Upgrade for full visibility.