Monero Miner has been detected in a Chrome extension!

  •  
  •  
  •  
  •  
  • 1
  •  
  •  
  •  
    1
    Share

Researchers have discovered that the developer of SafeBrowse Chrome extension with more than 140,000 users has inserted a JavaScript library in the extension’s code that consumes the CPU and mines for the Monero cryptocurrency using users’ machines and without getting their approval.

By analyzing the SafeBrowse extension’s source code, anyone can simply detect that the developer embedded the Coinhive JavaScript Miner, which offers a JavaScript miner for the Monero Blockchain (or others CryptoNote-based currencies) that you can embed in your website.

According to coin-hive.com:
“The Coinhive JavaScript Miner lets you embed a Monero miner directly into your website. The miner itself does not come with a UI – it’s your responsibility to tell your users what’s going on and to provide stats on mined hashes.
While it’s possible to run the miner without informing your users, we strongly advise against it. You know this. Long term goodwill of your users is much more important than any short term profits.”

The extension code starts a process that runs at all times in the browser’s background and drains the CPU power to mine for Moner currency, but for the profits of the SafeBrowse developers.

The extension has been removed from the Google Store, and the official website didn’t say anything about the addition of the Coinhive code.

The following two tabs change content below.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Latest posts by Unallocated Author (see all)

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Leave a Reply