Leading internet browser, Google Chrome, has taken down a Chrome browser extension which was reported to be secretly mining cryptocurrency using the CPU power of the users.
The extension hijacks a user’s CPU and mines for Monero without asking for any permissions till Chrome is running.
In several reviews since the beginning of December, users had complained that the extension, Archive Poster was indulging in cyptojacking. The browser extension was developed by qplus.io and had over 1.05 lakh users. The extension allowed Tumblr users to “reblog, queue, draft and like posts directly from another blog’s archive.”
The process to secretly mine cryptocurrencies using user’s resources is popularly known as cryptojacking. Mining cryptocurrency – performing tasks to earn such digital currencies – requires very powerful hardware, and miners often use multiple computer systems to achieve this.
A user has no way to turn this off but to uninstall the extension or close the website executing the process.
After technology websites reported on the poor reviews and complaints last week, the extension now no longer appears on its link.
Facebook’s Messenger was also recently attacked with a new cryptocurrency-mining bot called “Digimine” to mine Monero. The bot only affects Facebook Messenger’s desktop or web browser version. As per a previous report, it sends a file which if opened on other platforms, does not work as intended. It cryptojacks a user’s browser and also installs a registry autostart mechanism as well as system infection marker. It launches Chrome on its own to install a malicious browser extension that it retrieves from a command-and-control (C&C) server.