Story image

Google to ban cryptocurrency mining extensions from Chrome

09 Apr 18

Google’s Chrome Web Store has now banned extensions that facilitate cryptocurrency mining, because script developers haven’t been following the rules.

According to the Chromium blog, during the last few months there has been an increase in malicious Chrome extensions that offer some useful functionality, but they also run cryptomining operations in the background without the user’s consent.

The cryptomining operations affect a system’s CPU usage, system resources, performance, and it can also lead to hire power consumption.

Now Google has moved to reject or remove most cryptomining scripts on the Web Store, and will not accept any more cryptomining extensions.

“Until now, Chrome Web Store policy has permitted cryptocurrency mining in extensions as long as it is the extension’s single purpose, and the user is adequately informed about the mining behaviour,” explains Chromium Extensions Platform product manager, James Wagner.

"Unfortunately, approximately 90% of all extensions with mining scripts that developers have attempted to upload to Chrome Web Store have failed to comply with these policies, and have been either rejected or removed from the store,” he continues.

The ban doesn’t include blockchain extensions that do not engage in cryptomining.

“The extensions platform provides powerful capabilities that have enabled our developer community to build a vibrant catalogue of extensions that help users get the most out of Chrome.”

“Unfortunately, these same capabilities have attracted malicious software developers who attempt to abuse the platform at the expense of users. This policy is another step forward in ensuring that Chrome users can enjoy the benefits of extensions without exposing themselves to hidden risks.”

Google recently announced it would ban most advertisements relating to  cryptocurrencies and other speculative investments, starting in June.

The restrictions affect advertising for cryptocurrencies, contracts for difference, binary options, financial spread betting, and rolling spot forex.

Those that offer genuine services in those fields must ensure that both their website landing pages and advertisements are in line with relevant legal requirements and Google AdWords policies.

MailChimp, Twitter, and Facebook have all clamped down on cryptocurrency  advertising over the past few months as scams, fraud, and deception run rife.

According to statistics from Check Point, one cybercriminal earned more than $3 million from mining the Monero cryptocurrency.  

Globally, 55% of organisations were targeted by cryptomining attacks in December 2017, Check Point research also found.

Last week Korea-based cryptocurrency exchange Coinnest was dealt a blow as its CEO Kim Ik-hwan was arrested for charges including fraud and embezzlement.

JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.
Juniper simplifies data integration to improve threat detection
Updates to the Juniper Advanced Threat Prevention Appliances leverage third-party firewalls and security data sources.
Is mobile shopping compromising your enterprise security?
When employees do their holiday shopping on company resources, security teams have a challenge with the surge in browsing and online transactions.