Extensions platform product manager James Wagner reports that Google is cracking down on all Chrome extensions that include a cryptocurrency mining component. Starting now, Google is rejecting all cryptocurrency mining extensions submitted to the Chrome Web Store. Those that are already listed will be delisted by late June. Meanwhile, extensions with blockchain-related purposes not tied to cryptocurrency mining will remain on the store unscathed.
So what is Google’s beef with cryptocurrency mining extensions? The company has no problem listing extensions with a single purpose of openly mining digital coins in the background. Instead, Google has an issue with developers uploading and listing Chrome extensions advertising one specific functionality, but secretly mine digital coins in the background without the user’s consent.
“Over the past few months, there has been a rise in malicious extensions that appear to provide useful functionality on the surface, while embedding hidden cryptocurrency mining scripts that run in the background without the user’s consent,” Wagner said. “These mining scripts often consume significant CPU resources and can severely impact system performance and power consumption.”
Google says that 90 percent of all Chrome extensions with an embedded mining script fail to comply with the company’s policy of adequately informing users about the full behavior of a listed extension. To solve the problem, Google is banning all extensions with a cryptocurrency mining component rather than investigating each one individually to see if they meet the company’s disclosure policies.
But Google has a far bigger task than banning cryptocurrency mining extensions in Chrome. Malicious Chrome extensions are still a problem on the Chrome Web Store even though their presence decreased around 70 percent over the last several years. Just as hackers target Windows because it’s the most-used operating system on the planet, they are targeting the Chrome browser too because it commands nearly 70 percent of the global browser market.
“What we’re seeing is an increase in criminal use of extensions,” says William Peteroy, CEO of the security firm Icebrg. “And when we start to see criminal pickup on things it absolutely meets our bar that this is something we need to pay attention to.”
For example, in August, a financial Chrome extension called Interface Online hid banking malware and avoided detection by 58 anti-virus applications. When Google finally figured out what was going on, it removed the extension from the Chrome Web Store. But due to the malware’s elusive nature, hackers created another extension and uploaded the malware again undetected. Google removed it a second time after receiving complaints from infected users.
Google’s latest Chrome extension crackdown follows its move to ban cryptocurrency advertisements from its AdWords network starting June. The ban has nothing to do with advertisements running mining scripts in the background, but rather the schemes associated with “unregulated or speculative financial products.” One such scheme is an initial coin offering where investors purchase tokens to get a new cryptocurrency off the ground, but the digital coin developers disappear with the money.
