As virtual currencies become popular and their values surge, this is increasingly becoming a problem. Websites and extensions are secretly adding code that hijack’s users’ CPU resources to mine virtual currency. In most cases, they’re doing that without informing the user. That’s what popular Chrome extension Archive Poster started doing recently. It was later discovered that the extension is now secretly mining the Monero virtual currency. The extension has subsequently been pulled by Google from the Chrome Web Store.
The Archive Poster extension has more than 105,000 active users. It had a near-perfect rating on the store before the extension was pulled. It improved the Tumblr user experience, enabling users to perform actions like queue, draft, reblog or like from blog archives.
Many users started to leave one-star reviews for the extension last month after it was discovered that the latest update to the extension had secretly added code to mine Monero. It used the Coinhive JavaScript minor which mines the virtual currency in the background while Chrome is running.
The extension didn’t even ask for additional permissions to run the mining script in Chrome. It did that by loading a file from an external URL which contains the Coinhive mining code. The extension was reported to Google by the users and the company took almost a month to finally yank it from the Chrome Web Store.