Industry News

First ever crypto-mining Chrome extension discovered

A Chrome browser extension, with over 140,000 users, is gobbling up the resources of users’ computers by secretly mining for virtual cash.

The SafeBrowse plugin claims to let you surf the web without the nuisance of wasting time, waiting for annoying advertising pop-ups to disappear so you can, for instance, get your hands on a free download.

What you may not realise, however, is how SafeBrowse’s authors are planning to make money out of your use of their ostensibly “free” tool. That’s because the browser extension automatically mines for digital cryptocurrencies as it runs in your background.

As Ghacks reports, if you have enabled SafeBrowse in your Chrome browser it will run continuously in the background, running crypto mining code from Coin Hive.

The typical user, however, may have no idea as what has occurring, and may not link their installation of the SafeBrowse extension with the fact that their computer’s central processor is now being kept busy making complex mathematical functions to generate income for the extension’s creator.

Ghacks reporter Martin Brinkmann believes this is the first ever example of a Chrome extension that engages in crypto-mining, but my guess is that it won’t be the last. Other developers will no doubt attempt to take advantage of the technique to make money out of the computers that their code is being run on.

Just this week, Pirate Bay got into hot water when it was discovered that it had added a JavaScript-based cryptocurrency miner to its website.

The question is this – are you happy for third-party code to mine for cryptocurrency on your computer without your permission?

My belief is that most people would prefer to know, and be required to give their explicit permission, rather than for a software engineer to assume they have free reign to do what they want. Especially when there can be an impact on system resources, such as the CPU.

Certainly, judging by the most recent reviews of SafeBrowse, many users appear to be in agreement with me, with some claiming that after installing the extension their CPU usage leapt up to 70%.

It’s clear to me that, just like the Android app store, Google could be doing a better job of policing its official Chrome Web Store. If it fails to get a handle on things, chances are that we will see many more coders exploit the unsuspecting browsers of internet surfers.

About the author


Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.


Click here to post a comment
  • Most definitely I would prefer to know, and to give my explicit permission for this behaviour. I understand that these app developers both want and deserve some remuneration for their work (as long as it's not malicious) but that developer ***must*** be open about this process for all users. For instance I know what is happening when I ***sign*** up for something like SETI@Home…
    This type of app behaviour not only increases CPU activity but if one leaves one's powerful gaming computer on all day or night it can cause an increase in your electric bill at the end of the month. Paying twice to support an app?
    Also with the value of Bitcoins a share to those who agree would not be out of line.

  • What a waste of time, energy, money for everyone… CPU mining (as in this "software") is something from the past. I'm not sure they made billions out of it !