Popular Google Chrome Extension Caught Mining Cryptocurrency, Removed From Web Store
Google has taken down the Archive Poster extension from Google Chrome because of user backlash around this extension deploying an in-browser cryptocurrency miner without the knowledge of its users. The extension had over 100,000 users before it was taken down by Google. A 'safe' variant is, although, still available.
As we mentioned, the Chrome extension Archive Poster had been caught deploying an in-browser cryptocurrency miner unknowingly to its users in the past few updates. Reportedly, this extension did not ask for permission to utilise CPU power to mine Monero coins. Last month, Loapi Trojan had been spotted by Kaspersky mining the same cryptocurrency on Android phones. Archive Poster has been previously described as a plugin that acts as a mod for Tumblr, allowing users to repost, draft, like posts from another blog's archive.
According to the report by BleepingComputer, security researcher Troy Mursch first identified that the Coinhive cryptojacking code can be found in a JavaScript file present from the following URL: https://c7e935.netlify[.]com/b.js. The report also claims that this hidden cryptojacker has been present on at least four previous updates of the Archive Poster extension - from 4.4.3.994 to 4.4.3.998.
Google's response comes after users alleged the issue of cryptojacking in the review section of the Chrome Web Store. Growing popularity of Bitcoin and other cryptocurrencies has led to unethical practices like cryptojacking. Mining requires considerable power and ends up slowing down computers affected by it. Do note that a 'Safe' variant of the Archive Poster extension has since surfaced on the Web Store.
The Indian government had recently warned cryptocurrencies by alleging that investing in them is akin to Ponzi schemes that are infamous for bankrupting investors.