Popular Chrome Extension With 100,000 Users is Secretly Mining Cryptocurrency

2017 was undoubtedly the year of cryptocurrencies. We have witnessed the world obsessed for the cryptocurrencies and exploring distinct ways of mining the digital assets such as using a Tesla car to mine digital coins and designing a special suit that converts body heat to energy for mining cryptocurrency.

With the growing popularity, these currencies have drawn the attention of the hackers and they have come up with a method called crypto jacking to mine cryptocurrencies secretively using computer resources without the user’s permission.

Chrome-Extension-Archive-Poster

According to the latest news, a popular chrome extension, Archive Poster was found secretly mining cryptocurrencies in the background. Archive Poster is a chrome extension that helps users to repost Tumblr blogs and or like posts from other blogs archive. In the review section of the Chrome Store, many users have reported that the extension is using Coinhive to mine Monero using CPU and electricity. This is the same Coinhive that the world’s most popular torrent website, ‘The Pirate Bay’ used to mine Monero last year.

According to the Chrome web store, Archive Poster has a total of 105,062 users and presumably, all those users are victims of crypto jacking. Apparently, the extension started using Coinhive around the start of December.

“Do not use this extension as it comes loaded with a cryptocurrency mining script. Once installed it makes requests to coinhive which eats up your CPU time and slows your computer down massively. Avoid,” one user wrote.

404-error

Essence Labs, the company that developed Archive Poster said, “An old team member who was responsible for updating the extension had his Google account compromised… Somehow the extension was hijacked to another Google account. In the meantime, we have alerted the users to use a safe version of the extension on a different link.” And the company released a new and safer version of the extension named as “[Safe] Archive Poster.”

A month after the reporting by a user, Google removed Archive Poster from the Chrome Web Store recently. The link to the older extension is giving a 404 error. In case you are running the older version you can remove the extension from the web browser on chrome://extensions/.

For more security, learn the techniques for blocking the cryptocurrency mining in your web browser.

Leave a Reply