Monero Miner has been detected in a Chrome extension!

Share if you likedShare on Facebook0Share on Google+0Tweet about this on TwitterShare on LinkedIn4

Researchers have discovered that the developer of SafeBrowse Chrome extension with more than 140,000 users has inserted a JavaScript library in the extension’s code that consumes the CPU and mines for the Monero cryptocurrency using users’ machines and without getting their approval.

By analyzing the SafeBrowse extension’s source code, anyone can simply detect that the developer embedded the Coinhive JavaScript Miner, which offers a JavaScript miner for the Monero Blockchain (or others CryptoNote-based currencies) that you can embed in your website.

According to coin-hive.com:
“The Coinhive JavaScript Miner lets you embed a Monero miner directly into your website. The miner itself does not come with a UI – it’s your responsibility to tell your users what’s going on and to provide stats on mined hashes.
While it’s possible to run the miner without informing your users, we strongly advise against it. You know this. Long term goodwill of your users is much more important than any short term profits.”

The extension code starts a process that runs at all times in the browser’s background and drains the CPU power to mine for Moner currency, but for the profits of the SafeBrowse developers.

The extension has been removed from the Google Store, and the official website didn’t say anything about the addition of the Coinhive code.

Share if you likedShare on Facebook0Share on Google+0Tweet about this on TwitterShare on LinkedIn4

Eslam Medhat

is a professional pen-tester with over 9 years of IT experience bringing a strong background in programming languages and application security, ranging from network and system administration to exploit research and development. He reported various vulnerabilities for high profile companies and vendors and was successfully acknowledged by them.

Leave a Reply