In its new set of restrictions on Chrome Web Extensions Store which were introduced October 1, Google has curbed cryptojackers to mine on their victims’ computers.
The giant search engine confirmed in a blog post, that from now on, no Chrome extension that contains an “obfuscated” code will be allowed.
Obfuscated code, as experts explain, makes the process of reviewing extensions for approval complicated, in addition to the security implications it has, and is mainly used to “conceal code functionality”, according to Google.
Cryptojackers use “clandestine insertion of malicious malware into scripts” to hack computers connected to the network, and mine for cryptocurrency on them, without the the users of those computers notice their activities, as per IT experts.
Web Extensions for Crypto Mining Increase
Cybersecurity company Radware, reported last May, that many crypto mining malware extensions floated on the surface, in the Chrome web extensions store.
Those extensions were injected with a short obfuscated malicious script, in order to bypass the validation check Google run on extensions.
“Existing extensions with obfuscated code can continue to submit updates over the next 90 days, but will be removed from the Chrome Web Store in early January if not compliant,”, according to Google’s post.
“Today, over 70% of malicious and policy violating extensions that we block from Chrome Web Store contain obfuscated code.”, added Google.
Google, which announced its intention in that earlier this year, takes the step in response to the latest IT reports, which confirmed surreptitious use of apps and extensions for cryptocurrency mining purposes, is increasing regularly.
“Obfuscation techniques also come with hefty performance costs such as slower execution and increased file and memory footprints,” Google added.
It is mentioned that 2018 has witnessed a noticeable tendency by cryptojackers to use malware for cryptocurrency mining.