Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chrome Extension with 100,000 Users Caught Pushing Cryptocurrency Miner (bleepingcomputer.com)

Posted by msmash on from the never-ending-nightmare dept.

Catalin Cimpanu, reporting for BleepingComputer: A Chrome extension with over 105,000 users has been deploying an in-browser cryptocurrency miner to unsuspecting users for the past few weeks. The extension does not ask for user permission before hijacking their CPUs to mine Monero all the time the Chrome browser is open. Named "Archive Poster," the extension is advertised as a mod for Tumblr that allows users an easier way to "reblog, queue, draft, and like posts right from another blog's archive." According to users reviews, around the start of December the extension has incorporated the infamous Coinhive in-browser miner in its source code.

17 of 47 comments (clear)

  1. Affiliate links by 110010001000 · · Score: 3, Funny

    That is really underhanded. It is like posting affiliate links to unrelated Amazon stuff.

  2. charge the authors with theft by Ritz_Just_Ritz · · Score: 4, Insightful

    If the extension is surreptitiously stealing your cpu cycles and electricity to perform an activity that the authors did not explicitly ask permission, I would say that meets the definition of theft. File a criminal complaint and let the authorities chase them around.

    1. Re:charge the authors with theft by known_coward_69 · · Score: 1

      call the FBI. i'm sure they'll get right on it

    2. Re:charge the authors with theft by JThundley · · Score: 1

      This is Tumblr we're talking about, I think you meant to say "charge the authors with rape".

  3. Re:And Firefox just moved to this extension model? by MightyYar · · Score: 5, Insightful

    Security is one justification, but the real problem is that the old extension model allowed extensions to hook into every part of the GUI. This meant that any change to the GUI at all could potentially break an extension. They tried patching this by keeping track of what version an extension was developed against, but in the end they felt that the system was fundamentally broken and was holding the whole project back. Personally, I share your frustration as the new model can't even accommodate seamlessly shifting the tabs over to the side, or adding a button to pop open the password manager. I'm hoping they continue to add capability.

    --
    W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
  4. The dangers of popularity by IWantMoreSpamPlease · · Score: 1

    100k users is nothing, 1million is nothing. Popularity of an extension means nothing if something like this can happen. The auto-update method for extensions is ripe for abuse.
    IIRC, not that long ago places like GitHub were taken over in such the same manner. Trusted applications were suddenly wrapped with malware.

    I don't have a solid answer, but it's something worth looking into.

    --
    So rise up, all ye lost ones, as one, we'll claw the clouds.
  5. Re:And Firefox just moved to this extension model? by jbmartin6 · · Score: 2

    More secure isn't the same as perfect security and no one claimed it was, so your approach of taking one failure and concluding that the whole model isn't any better than the previous one fails the logic test. Unfortunately, since browsers are so capable and widely used, a browser extension is essentially just an additional application with all the threats that confers. If you install a crappy extension, you will get crappy results. The defense is to vet your browser extensions as carefully as you do your applications. P.S. all the Firefox extensions I use work fine on the new model.

    --
    This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
  6. Re:This practice needs to be outlawed now. by rgbatduke · · Score: 1

    Awww, come on, let the kiddies get rich selling each other rocks...

    --
    Even when the experts all agree, they may well be mistaken. --- Bertrand Russell.
  7. Re:This practice needs to be outlawed now. by DontBeAMoran · · Score: 1

    ...it should be illegal to waist resources, and therefor pollute...

    It should also be illegal to write posts like yours but you don't see us asking to send your ass to jail.

    Also, not all energy is wasted or polluting. I'm mining Monero right now, powered by hydro-electricity and the heat byproduct is helping to heat my house because we're in the middle of winter here. It's so cold that I'm almost tempted to build three more PCs with all the old motherboards and CPUs I have in a box somewhere.

    --
    #DeleteFacebook
  8. Re:And Firefox just moved to this extension model? by Lunix+Nutcase · · Score: 1

    Clearly the problem is that the extension wasn't written in Rust...

  9. Hmm... by Anonymous Coward · · Score: 1

    So you're telling me there's finally a way to monetize Chrome extensions?

  10. Re:Cryptocurrencies need to invalidate coins. by Ash-Fox · · Score: 1

    How does Gridcoin (BOINC's cryptocurrency) invalidate coins mined without consent when it's discovered say, a after being mined?

    --
    Change is certain; progress is not obligatory.
  11. How much did the extension cost? by lano1106 · · Score: 1

    and is it useful?

    I bet that if the creator did offer a paid premium version without the mining even at a very reasonable price most users would quietly shutoff and continue using the free mining version....

  12. Tumblr bleeding by kristofer.vesi · · Score: 1

    The shit about Yahoo and Tumblr, Yahoo made the small barely standing Tumblr fall and puke, now this too, it encourages users to leave it... Sad to see Tumblr leaving...

  13. Area to block: photorito.me by Trax3001BBS · · Score: 1

    HOSTS file or set into router. A Chrome Extension site, I've seen this site buried as a redirect hidden by it's ip address 163.172.60.109

  14. Re:This practice needs to be outlawed now. by SScorpio · · Score: 1

    Make sure you use Pentium 4 CPUs for maximum heat generation.

  15. Re:This practice needs to be outlawed now. by DontBeAMoran · · Score: 1

    You laugh, but I do have a P4 in the stack of old motherboards. I was planning to use it to cook gluten-free, zero-carb, free-range vegan pancakes.

    --
    #DeleteFacebook