The extension, used by 105,000 people, is mining Monero without user consent.
2017 has been a magnificent year for the cryptocurrency industry. The year saw the virtual currency become hugely accepted across the globe. It’s popularity and value also peaked, rising at astronomical speed. The rise was evident both for legitimate and the bad actors. It’s without amazement then that, many websites have been caught trying to find ways to get their hands on the all-important cryptocurrency.
One of them, a popular Chrome extension which has about 105,000 users has also been discovered to be a cryptocurrency miner. The Chrome extension is believed to be mining the cryptocurrency Monero. The extension was seen to be running the cryptocurrency miner, Coinhive, which manages to secretly use people’s CPU processing power and mine Monero.
Reports coming out showed that the extension, Archive Poster, was being used to run Coinhive. The Chrome extension is widely used by Tumblr users to reblog or report from various other websites. A significant number users reported that they could see a rise in their CPU usage. The users started seeing the changes in CPU usage around the beginning of December and since then, they have put bad reviews for the extension. One of the users advised others to stop using the extension, indicating that it was loaded with a mining script for the cryptocurrency. The user also warned that the extension would then slow down the computer massively because of the CPU usage.
The developer behind Archive Poster, Essence Labs, said that the extension had been hacked and confirmed the presence of the crypto-miner. Talking to reporters, Essence Lab said, that one of their old team members who were responsible for extension updates had been hacked through their Gmail account. The company also said that they advised users to use a safer version of the version, which was available through a different link. However, they did not disclose when hack took place or who they thought was responsible.
This is not the first time that several websites are discovering crypto-miners on their programs. In the last few months, Pirate Bay, Starbucks, UFC website, and Politifact have all been targeted. Security researcher, Troy Mursch has been tracking these kinds of incidents and said that Movistar’s official website had also been hacked. Hackers are going far and beyond to mine cryptocurrencies. They have also used Facebook Messenger, and other Android apps to get what they want. Most researchers believe that the rise in hacking incidents is due to the launch of the Coinhive service which is relatively easy to use.