Google bans cryptocurrency mining extensions from Chrome Web Store

Google banishes cryptocurrency mining extensions from Chrome Web Store

The tech giant is taking the measure after a rise in malicious browser extensions that mine digital money by hijacking the processing power of users' computers. The clampdown follows Google’s recent move to stop serving any and all adverts promoting virtual currencies and initial coin offerings.

The tech giant is taking the measure after a rise in malicious browser extensions that mine digital money by hijacking the processing power of users’ computers. The clampdown follows Google’s recent move to stop serving any and all adverts promoting virtual currencies and initial coin offerings.

Google will no longer allow cryptocurrency mining extensions in its Chrome Web Store, regardless of whether or not they are upfront about what they do, according to an announcement on the technology giant’s Chromium blog on Monday. As a result, no new mining extensions are accepted into the store in a measure effective as of Monday April 2nd, while existing ones will be removed in late June.

Google’s extensions platform product manager James Wagner wrote that the store had previously permitted cryptocurrency mining extensions with the proviso that this was their sole purpose and the user was kept up to speed about what such an extension did.

However, Google has found that around nine out of ten extensions that include mining scripts failed to play by the book, prompting the company to introduce the blanket ban.

“Over the past few months, there has been a rise in malicious extensions that appear to provide useful functionality on the surface, while embedding hidden cryptocurrency mining scripts that run in the background without the user’s consent,” according to Google.

For example, in December, Google booted a Chrome extension that, in addition to its stated purpose, had also roped unsuspecting users into mining digital coins. The extension had amassed more than 105,000 installations over the span of several weeks.

Meanwhile, extensions with blockchain-related purposes other than mining get off scot-free in the new policy.

The latest clampdown follows a measure in March whereby Google introduced a ban, also as of June, on all adverts that promote digital currencies. This mirrored a policy change that Facebook adopted in January. Twitter followed suit in late March.

Cryptojacking, or the hijacking of the computer processors of unsuspecting users to generate virtual currencies, has exploded in popularity in recent months. Scripts mining virtual currencies have become notorious for chewing up much of a computer’s processing resources, thus affecting system performance and driving up energy bills for the usually unsuspecting users.

Chart showing CPU usage by a cryptocurrency mining extension (source: Chromium blog)

While malicious cryptocurrency mining is not a new phenomenon, covert campaigns picked up extra steam with the launch of the Coinhive in-browser mining service in September. Coinhive’s JavaScript has been co-opted by scammers looking to make a quick buck. The explosion in illicit coin mining roughly coincided with the dramatic rise in the prices of digital currencies.

Coinhive’s script and numerous copycats have been detected on thousands of websites, including many legitimate but compromised websites, as well as in browser extensions and plugins, and on typo-squatted domains.

Surreptitious mining scripts have also been supplied alongside malware, in malvertising campaigns, and through hijacked cloud services. Miscreants have also smuggled the scripts into at least 19 apps in Google Play Store.

Discussion