Cryptocurrency miners have become such a problem that Google is taking a radical measure to protect customers from stealthy miners disguised as legitimate browser extensions – banning any miner that even approaches its Chrome web store.
As we reported earlier, the crypto gold rush has triggered a massive influx of schemes to generate digital cash by leveraging the computing power of other people, and even entire servers. Recently, Russian nuclear weapons engineers were caught using their facility’s supercomputer to mine cryptocurrency. So it’s hardly a surprise Google is taking such a precaution.
Justifying its move, the search giant writes on the Chromium Blog:
“Over the past few months, there has been a rise in malicious extensions that appear to provide useful functionality on the surface, while embedding hidden cryptocurrency mining scripts that run in the background without the user’s consent. These mining scripts often consume significant CPU resources, and can severely impact system performance and power consumption.”
The problem, however, goes deeper. Until now, the Chrome Web Store policy allowed cryptocurrency mining extensions as long as the extension’s single purpose was exactly that – to mine cryptocurrency. The developer of the extension also had to inform users of the mining behavior. Fair enough, right? Well, not anymore, according to the Internet giant.
Starting now, no matter how legitimate a miner may be, the Chrome Web Store is no longer accepting submissions. The company says too many developers are regularly stretching or violating the rules, making it hard for the curation team to keep up with their mischief.
“Unfortunately, approximately 90% of all extensions with mining scripts that developers have attempted to upload to Chrome Web Store have failed to comply with these policies, and have been either rejected or removed from the store,” Google says. “Starting today, Chrome Web Store will no longer accept extensions that mine cryptocurrency. Existing extensions that mine cryptocurrency will be delisted from the Chrome Web Store in late June.”
The ban doesn’t affect other crypto/blockchain-related extensions, the company says.
Google’s approach may seem harsh, but it’s probably the best measure to take until the crypto mining craze loses some steam. Bitdefender telemetry from September 2017 to February 2018 showed that ransomware reports followed a descending curve, while coin miner reports increased by 130% by January 2018. Currently, coin miner reports beat ransomware by two to one.
*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Filip Truta. Read the original post at: https://hotforsecurity.bitdefender.com/blog/google-officially-bans-all-crypto-miners-from-chrome-web-store-19743.html