The Monero cryptojacking trend continues

Chrome Extension With 105,000 Users Caught Mining Monero as Cryptojacking Trend Continues

Using other people’s CPU resources to mine the privacy-centric cryptocurrency Monero (XMR) has gotten so popular it’s now called cryptojacking. Core Media has reported on the trend ever since it started, with The Pirate Bay’s Monero mining experiment, and subsequent use of user’s computer resources to mine XMR.

The trend’s latest victim, according to Bleeping Computer, was a popular Google Chrome extension dubbed “Archive Poster.” It essentially helps Tumblr users reblog and repost from other blogs, and was compromised with Coinhive’s Monero mining code.

Several users noted their computers were excessively slow, and discovered the extension was hijacking their machines to mine cryptocurrency. As a result, the extension was flooded with negative reviews, with one user revealing it had the script. He added: “once installed it makes requests to coinhive which eats up your CPU time and slows your computer down massively. Avoid.”

Users noticed the change around the beginning of December, although its unclear when the cryptojacking code was actually added. Essence Labs, the organization behind Archive Poster, confirmed the mining code was there, but claimed it had been hacked.

In an email to PCMag, Essence Labs wrote:

“An old team member who was responsible for updating the extension had his Google account compromised. Somehow the extension was hijacked to another Google account.”

It isn’t clear who exactly was behind the hack.

Cryptojacking and Monero’s wild ride

As previously covered by Core Media, the Cryptojacking trend has led to various high-profile incidents. CBS-owned Showtime websites, for example, briefly ran the Monero mining code, and oil pipeline giant Transneft was also hit.

Recently, a mining botnet infected Facebook Messenger. It spread the cryptocurrency mining code via a non-embedded video file that once clicked executed a script. That script both ran a miner, and streamed a bogus video to distract the victim.

The craze got so big, hackers managed to hijack Coinhive itself – the code provider. After hijacking the company, they redirected mined Monero to their own wallet, forcing the company to pay users back their lost coins. Security experts are now cracking down on the trend, with Cloudflare banning websites that don’t warn users about CPU usage, and Opera browser adding a built-in anti-Cryptojacking tool.

At press time, Monero is trading at $316.89, up from roughly $16 per XMR in the beginning of the year. The privacy-centric cryptocurrency surged not just because of the Cryptojacking trend, but thanks to adoption from now-defunct darknet market AlphaBay and artists accepting it for merchandise.