Unregulated crypto-currencies have soared in value this past year, making a few millionaires and worrying a few hedge fund managers in the process. But crypto-currencies have also been great news for hackers and unscrupulous investors, who can use them for nefarious tricks.
One up-and-coming form of malware is called “crypto-jacking,” a process whereby a perfectly useful program secretly mines Bitcoin or some other crypto-currency in the background. The amount of mining on any one machine is insignificant — likely a value of a few cents per day, if that — but distributed over tens of thousands of machines, it can make a developer real money.
The latest culprit is a popular Chrome extension called Archive Poster, which helps users repost Tumblr blogs. According to reviews on the Chrome store, Archive Poster is also secretly running Coinhive, a distributed-network crypto-currency mining program. Using Coinhive, the developer was mining a currency called Monero using other people’s CPUs and electricity.
According to the Chrome store, the extension has 105,000 users, and presumably all of those are mining coins whenever their computer is on and Chrome is in use, as the extension runs in the background.
“ATTENTION! DANGEROUS! This extension is hijacked since a few weeks with a code which mines crypto-currency, which means it will change and read ALL data and sites you visit and causes 100% CPU usage,” one Chrome review says.
If you have Archive Poster installed, type chrome://extensions into your browser, and click the trash can icon next to the extension to remove it.