Archive Poster Chrome Extension Mines Cryptocurrency Via Users' Computers In Secret

A Google Chrome extension identified as "Archive Poster" has been tagged as an in-browser cryptojacking tool designed to mine cryptocurrency on targeted computer systems.

The fairly popular Chrome add-on, which counts around 105,000 active users, was reportedly weaponized to mine a digital currency known as Monero. The mining activities, which mostly involve hackers taking control of a system CPU, occur each time the Chrome browser is in use and can potentially lead to a sluggish computer due to system resources hog.

By original design of its developer, Archive Poster is an instrument for Tumblr users to disseminate blog posts with considerable efficiency and speed. As it turned out, the Chrome extension also doubles as an ingenious hacking tool that operates in the background.

Secret Coinhive Cryptojacker

The threat was reported by security researcher Troy Mursch, who claimed that at least four versions of Archive Poster have been infected and transformed into Coinhive cryptojacking tools. Mursch warned that versions 4.4.3.994 to 4.4.3.998 of the Chrome extension have been compromised, and continued use will pose risks.

The alert issued by Mursch appeared to have been corroborated by a number of users at the start of December. Archive Poster was the subject of bad reviews a few weeks back, but to date, the browsing tool remains ready to download from the Chrome Web Store.

The prevailing sentiment among concerned users is that Google has adopted a hands-off stance on the matter and wants the extension developer to resolve the issue. When one user attempted to call the company's attention regarding the threat, the response was simply "to get in touch with the extension developer for further assistance."

For its part, Archive Poster developer Essence Labs has issued confirmation that cryptojacking involving the Chrome extension is true, but the company made it clear that it was a hacking incident.

"An old team member who was responsible for updating the extension had his Google account compromised. Somehow the extension was hijacked to another Google account," Essence Labs said in a statement.

No Serious Threat

Cryptojacking, however, is not as harmful as the other form of malware attacks. The worst that it can cause is to overwork an infected machine but short of wreaking havoc or damaging files. This particular form of hacking pales in comparison to the recent ransomware attacks that can only be dealt with payment using Bitcoins.

It is estimated, though, that cryptocurrency mining is not going to die down anytime soon, as the activity has been proving lucrative lately. Monero, for example, was last pegged at a value of up to $380, a significant leapfrog from its mere $14 price seen in 2016.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics