Story image

Google to ban cryptocurrency mining extensions from Chrome

09 Apr 2018

Google’s Chrome Web Store has now banned extensions that facilitate cryptocurrency mining, because script developers haven’t been following the rules.

According to the Chromium blog, during the last few months there has been an increase in malicious Chrome extensions that offer some useful functionality, but they also run cryptomining operations in the background without the user’s consent.

The cryptomining operations affect a system’s CPU usage, system resources, performance, and it can also lead to hire power consumption.

Now Google has moved to reject or remove most cryptomining scripts on the Web Store, and will not accept any more cryptomining extensions.

“Until now, Chrome Web Store policy has permitted cryptocurrency mining in extensions as long as it is the extension’s single purpose, and the user is adequately informed about the mining behaviour,” explains Chromium Extensions Platform product manager, James Wagner.

"Unfortunately, approximately 90% of all extensions with mining scripts that developers have attempted to upload to Chrome Web Store have failed to comply with these policies, and have been either rejected or removed from the store,” he continues.

The ban doesn’t include blockchain extensions that do not engage in cryptomining.

“The extensions platform provides powerful capabilities that have enabled our developer community to build a vibrant catalogue of extensions that help users get the most out of Chrome.”

“Unfortunately, these same capabilities have attracted malicious software developers who attempt to abuse the platform at the expense of users. This policy is another step forward in ensuring that Chrome users can enjoy the benefits of extensions without exposing themselves to hidden risks.”

Google recently announced it would ban most advertisements relating to  cryptocurrencies and other speculative investments, starting in June.

The restrictions affect advertising for cryptocurrencies, contracts for difference, binary options, financial spread betting, and rolling spot forex.

Those that offer genuine services in those fields must ensure that both their website landing pages and advertisements are in line with relevant legal requirements and Google AdWords policies.

MailChimp, Twitter, and Facebook have all clamped down on cryptocurrency  advertising over the past few months as scams, fraud, and deception run rife.

According to statistics from Check Point, one cybercriminal earned more than $3 million from mining the Monero cryptocurrency.  

Globally, 55% of organisations were targeted by cryptomining attacks in December 2017, Check Point research also found.

Last week Korea-based cryptocurrency exchange Coinnest was dealt a blow as its CEO Kim Ik-hwan was arrested for charges including fraud and embezzlement.

Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.
Myth-busting assumptions about identity governance - SailPoint
The identity governance space has evolved and matured over the past 10 years, changing with the world around it.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.
Alcatraz AI to replace corporate badges with AI security
The Palo Alto-based startup supposedly leverages facial recognition, 3D sensing, and machine learning to enable secure access control.
Ensign and IronNet partner to create cyber analytics capabilities
The Singapore-based joint venture will form a Cyber Analytics Center for Excellence focused on securing regional enterprises from sophisticated cyber threats.
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.