Google cracks down on malicious cryptocurrency mining extensions on Chrome browser

Until now, cryptocurrency mining extensions were permitted to be on the Chrome extension store as long as its description clearly stated that mining cryptocurrencies was its only action.

Published Date
03 - Apr - 2018
| Last Updated
03 - Apr - 2018
 
Google cracks down on malicious cryptocurrency mining extensions...

Google has announced a crackdown on all cryptocurrency mining extensions that have been present on its Chrome internet browser's extensions store. Late yesterday, James Wagner, Google's Extensions Platform Product Manager for Chrome stated in a blog post that the move comes after an overwhelming majority of these extensions and plugins have failed to comply with the requisite privacy restrictions that have been put in place to prevent potentially risky data breaches. However, extensions that work in blockchain-related actions and are not related to cryptocurrency mining will be permitted to remain on Chrome's Web Store.

The move comes on the back of Google citing how these extensions have failed to comply with Google's safety policies, and more often than not, have contributed to being used by spammers with malicious intent. Starting now, Google will no longer accept applications from such extensions for enlisting on the Chrome Web Store, and existing extensions that are already on the store will be delisted and removed from it by late-June. Wagner stated on the blog, "Over the past few months, there has been a rise in malicious extensions that appear to provide useful functionality on the surface, while embedding hidden cryptocurrency mining scripts that run in the background without the user’s consent. These mining scripts often consume significant CPU resources, and can severely impact system performance and power consumption."

Until now, Chrome allowed such extensions to work as long as mining cryptocurrency happened to be its only purpose, and every detail of its actions were adequately explained to the user. However, Wagner notes, "approximately 90% of all extensions with mining scripts that developers have attempted to upload to Chrome Web Store have failed to comply with these policies." The move comes on the back of major privacy debates surrounding major internet organisations. Facebook found itself in hot water when a massive private data breach was reported by a researcher working for Cambridge Analytica, sparking the #DeleteFacebook tag all over the Internet. WhatsApp, too, has not been exempt from it, and only recently, an app called 'Chatwatch' was revealed to be taking advantage of the Internet Messaging app's publicly-available user online-offline status to track usage patterns, and even evaluate when a person may be asleep, or even analyse two users at the same time and make an educated guess on whether these two users are chatting with each other.

Google Chrome's extensions store presently has millions of extensions that enable a wide range of functions. "Unfortunately," Wagner adds, "these same capabilities have attracted malicious software developers who attempt to abuse the platform at the expense of users." More such actions are expected to be undertaken by companies across the world, as questions on cybersecurity continue to rise.

Digit NewsDeskDigit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.