Prior to the ban on random extension, the crypto community was the target of malicious codes introduced via extensions, most of which were deployed via Google’s web store. The tech giant, Google then announced plans to ban all browser extensions with obfuscating codes. The company said that this became necessary in order to protect users of the internet when they add any extensions to their browsers.
According to the release, this will afford users even more privacy and security in the face of prevailing circumstances. It was reported that cryptojackers have been exploiting the processing power of internet users by installing malicious codes in websites and browser extensions to enable them to use the processors of devices to mine digital currencies.
The release said,
“We’ve recently taken a number of steps toward improved extension security with the launch of out-of-process iframes, the removal of inline installation, and significant advancements in our ability to detect and block malicious extensions using machine learning.”
That was the first time Google changed its policy on mining browsers and extensions. Its policy has been that users whose devices are exploiting to mine digital currencies be informed that such activities are going on using their processor power.
Cryptojackers and other hackers have taken advantage of that loophole to surreptitiously install mining codes that target the so-called privacy coins.
Google recently stated that the most recently developed extensions have been targeting users’ digital currencies. It is no surprise then that the company is moving to ban them.
In a blog post in June of 2018, Google stated,
“approximately 90% of all extensions with mining scripts that developers have attempted to upload to the Chrome Web Store have failed to comply with these policies.”
There were concerns raised over the cryptojacking issue especially by the crypto community.
Monero the most prominent privacy coin, took some preventive measures by setting up a workgroup to help curtail the menace.
Changes in Google Chrome
Google’s next update for the Chrome browser after the release gave users more control and the ability to lock the browser for certain categories of hosts.
Google then imposed more stringent approval requirements for extensions. This means that developers started to go through additional compliance reviews before being added to the web store.
The new policy requires the delisting of extensions with confusing codes. Google is demanding that all such extensions be updated to versions with clear intentions.
As of 2019, all developer accounts started requiring enrollment in two-step verification before being able to submit browser extensions to the Web Store. This was meant to create an additional layer of safety with the requirement for authentication from a developer’s phone or by creating a physical security key as stated by CCN.
This ensured that only reputable developers have access to the web store, and that the malicious actors think twice before working on new extensions.