Google has dealt cryptocurrency mining extensions a blow by banning all mining programs from the Chrome Web Store.
These extensions have proved controversial in recent months, with many Chrome extensions harnessing the processing power of unsuspecting internet users to mine cryptocurrency remotely without their knowledge, an activity which slows down user devices. Archive Poster, a popular Chrome extension supposedly designed for managing Tumblr posts, was discovered to be mining Monero from hundreds of thousands of different devices in secret and without permission, a malicious activity now known as “cryptojacking”. An Android app was caught cryptojacking millions of devices in January, also mining Monero.
While Google had already banned malicious cryptojacking apps, the recent ban takes things a step further with a blanket ban that removes all extensions designed for mining, even those openly designed for that purpose. Google released a statement yesterday outlining the reasons behind the ban, saying “90% of all extensions with mining scripts that developers have attempted to upload to Chrome Web Store have failed to comply” with their new mining policies, recently implemented to deter malicious mining extensions. As of yesterday, no new cryptomining extensions are being accepted, and existing extensions will all be delisted by late June. Google clarified that blockchain extensions with non-mining functions were still welcome and under no threat at this time.
Cryptomining extensions were arguably popularised by torrent site The Pirate Bay, which began harnessing user’s CPU power last year in an attempt to monetize the site. Since then, bad actors have attempted to capitalize on the trend through malicious apps and extensions that are now making it difficult for legitimate versions to survive.
Casual users weren’t the only ones to fall prey to covert cryptomining operations recently – a Russian nuclear facility was allegedly compromised by its own staff when one of Russia’s most powerful supercomputers was discovered to have covert cryptomining software installed and operating. The nuclear supercomputer is supposed to remain offline at all times for security purposes, and the breach was apparently discovered when the scientists allegedly attempted to connect the computer to the Internet,
Tesla fell prey to a cryptojacking incident recently along with government websites throughout the US, UK and Australia – even Google’s own DoubleClick Ad service was used to illegally distribute mining software to unsuspecting users. While many casual internet users would reportedly be glad to sacrifice some CPU power in exchange for ad-free browsing, the ban will force at least 200 million Chrome users to look elsewhere.
Featured image from Shutterstock.
Last modified: May 20, 2020 8:56 PM UTC