Cryptojacking

Google announced that effective today, the Chrome Web Store review staff would stop accepting new extensions on the Web Store that perform cryptocurrency mining operations.

Existing Chrome extensions that perform cryptocurrency mining will be delisted sometime in late June.

Google has allowed mining extensions under certain terms

Until today, Google allowed extensions to mine cryptocurrencies only if cryptocurrency mining was the extension's sole purpose, and the user was informed in advance that his/her computer's resources were going to be used for these types of hardware-intensive tasks.

"Unfortunately, approximately 90% of all extensions with mining scripts that developers have attempted to upload to Chrome Web Store have failed to comply with these policies," James Wagner, Extensions Platform Product Manager for Google said today.

Wagner is referring to the trend of Chrome extensions that are now hiding mining scripts in a background process, and utilizing users' resources without their knowledge or consent.

This type of hidden in-browser mining, named cryptojacking, has become the favorite method of monetizing extension userbases by many developers. Bleeping Computer has reported on many such incidents in the past[1, 2, 3], and not even Firefox is safe from such malicious add-ons.

Google is protecting Chrome's reputation

But even if Google has not said it outright, the company has taken this step to protect Chrome's image.

Cryptojacking scripts have a huge impact on a computer's responsiveness, and when most users investigate, they see Chrome's processes hogging CPU resources. Very few of these users will be able to track the spike in CPU usage back to an extension.

Google has worked incredibly hard to create the image that Chrome is today's fastest browser, and the company isn't going to stand by and watch some extension developers ruin Chrome's brand so that some devs can make a few Monero on the side.

Will this policy really stop Cryptojacking extensions?

Unfortunately, as already stated most extensions that include cryptojacking do it in a hidden way, and these have always been banned when detected. So while this policy is a good one to put into effect, it really doesn't change the risk of cryptominers being injected into browsers by extensions.

Therefore, it is still important to always read the reviews of a Chrome extension that you want to install to check for suspicious behavior. In many cases, the reviews will indicate that there is some sort of suspicious behavior and thus alert you that maybe the extension should be avoided.

As these extensions will continue to be a problem, if you find that Chrome is utilizing too much CPU you can use Chrome Task Manager to check why Chrome is utilizing a lot of CPU.

Related Articles:

Using the Chrome Task Manager to Find In-Browser Miners

FacexWorm Spreads via Facebook Messenger, Malicious Chrome Extension

Some Chrome VPN Extensions Leak DNS Queries

Microsoft Ports Anti-Phishing Technology to Google Chrome Extension

Cryptojacking Script Makes It on the MSN Portal