Back to the list

Google Chrome plugin injected with mining virus

The special Google Chrome plugin designed for URL shortening (similar to TinyURL in mechanics) was infected with Coinhive, a script that mines Monero. Monero is very often used for criminal purposes, but this doesn’t mean it is itself bad — it just has very good technological advancements that can be used by criminals to hide tracks.

In this case, we owe our gratitude to Alessandro Polidori, a talented coder who correctly managed to find the threat source after getting a notification from Intrusion Prevention System designed by Nethserver.

                          This was the infected plugin’s homepage in the Chrome Web Store

If you don’t have decent detection tools, latent in-browser mining can be eradicated by reinstalling the browser or simply closing the website page that gets too much resources of your PC (this can be checked from the Task Manager if we talk about Windows). Soon, major antiviruses will learn to combat this threat even more efficiently, but for now, it’s better to follow the news about latent miners and malvertising - a process when a good website is injected with a cryptocurrency mining virus and thus becomes the hackers’ tool of stealing resources.

Back to the list