Story image

Google to ban cryptocurrency mining extensions from Chrome

09 Apr 2018

Google’s Chrome Web Store has now banned extensions that facilitate cryptocurrency mining, because script developers haven’t been following the rules.

According to the Chromium blog, during the last few months there has been an increase in malicious Chrome extensions that offer some useful functionality, but they also run cryptomining operations in the background without the user’s consent.

The cryptomining operations affect a system’s CPU usage, system resources, performance, and it can also lead to hire power consumption.

Now Google has moved to reject or remove most cryptomining scripts on the Web Store, and will not accept any more cryptomining extensions.

“Until now, Chrome Web Store policy has permitted cryptocurrency mining in extensions as long as it is the extension’s single purpose, and the user is adequately informed about the mining behaviour,” explains Chromium Extensions Platform product manager, James Wagner.

"Unfortunately, approximately 90% of all extensions with mining scripts that developers have attempted to upload to Chrome Web Store have failed to comply with these policies, and have been either rejected or removed from the store,” he continues.

The ban doesn’t include blockchain extensions that do not engage in cryptomining.

“The extensions platform provides powerful capabilities that have enabled our developer community to build a vibrant catalogue of extensions that help users get the most out of Chrome.”

“Unfortunately, these same capabilities have attracted malicious software developers who attempt to abuse the platform at the expense of users. This policy is another step forward in ensuring that Chrome users can enjoy the benefits of extensions without exposing themselves to hidden risks.”

Google recently announced it would ban most advertisements relating to  cryptocurrencies and other speculative investments, starting in June.

The restrictions affect advertising for cryptocurrencies, contracts for difference, binary options, financial spread betting, and rolling spot forex.

Those that offer genuine services in those fields must ensure that both their website landing pages and advertisements are in line with relevant legal requirements and Google AdWords policies.

MailChimp, Twitter, and Facebook have all clamped down on cryptocurrency  advertising over the past few months as scams, fraud, and deception run rife.

According to statistics from Check Point, one cybercriminal earned more than $3 million from mining the Monero cryptocurrency.  

Globally, 55% of organisations were targeted by cryptomining attacks in December 2017, Check Point research also found.

Last week Korea-based cryptocurrency exchange Coinnest was dealt a blow as its CEO Kim Ik-hwan was arrested for charges including fraud and embezzlement.

WhatsApp users warned to change voicemail PINs
Attackers are allegedly gaining access to users’ WhatsApp accounts by using the default voicemail PIN to access voice authentication codes.
Swiss Post asks public to hack its e-voting system
Switzerland’s postal service Swiss Post is inviting keen-eyed security experts and white hats to hack its e-voting system.
Spoofs, forgeries, and impersonations plague inboxes
It pays to double check any email that lands in your inbox, because phishing attacks are so advanced that they can now literally originate from a genuine sender’s account – but those emails are far from genuine.
Flashpoint signs on emt Distribution as APAC partner
"Key use cases that we see greatly benefiting the region are bolstering cybersecurity, combating insider threats, confronting fraud, and addressing supply chain risk, to name a few."
The attack surface: 2019's biggest security threat
As businesses expand, so does their attack surface – and that may be the biggest cybersecurity risk of them all, according to Aon’s 2019 Cyber Security Risk Report.
Opinion: Cybersecurity as a service answer to urgent change
Alan Calder believes a CSaaS model can enable a company to build a cyber resilience strategy in a coherent and consistent manner.
Why SD-WAN is key for expanding businesses - SonicWall
One cost every organisation cannot compromise on is reliable and quick internet connection.
New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.