Google Bans Web Store Extensions with Misleading Code

Reading Time: 2 minutes

Cryptojacking cases have risen considerably in the past year. In fact, according to a recent study, cryptojacking is up by over 400% in 2018 compared to the same period in 2017. In order to help abate the cryptojacking problem, Google has updated its policy on web extensions and apps that contain misleading or unnecessary code.
According to Google, around 70% of the apps and web extensions that it has flagged contain code that could be related to cryptojacking. Web extensions and apps that have this code – which Google refers to as “Obfuscated” code – still have a few more months to clean up their act. All new apps and web extensions being submitted will be declined if they contain this code, but all existing apps and extensions have until the 1st January 2019 to remove it and resubmit their app or extension.

More Vulnerable Than Ever

Unfortunately, we are now more vulnerable than ever before and a lack of technical knowledge is helping cryptojackers run wild. The majority of home internet users don’t have the technical knowledge needed to fend off a cryptojacking attack and remain safe, meaning cryptojackers have a whole hoard of easy targets.
One of the most common ways cryptojackers infiltrate home networks is through a router. Recently, over 200,000 routers were infected in a single attack due to a known issue in the firmware. The manufacturer had issued a firmware update six months prior to fix the bug, but router firmware upgrades are infrequently done due to a lack of user technical knowledge. In addition to outdated router software, scores of computers still run operating systems that are no longer supported by the developer, meaning there are lots of security flaws waiting to be exposed.

Keeping Yourself Safe

The best way to keep yourself and your home network safe from cryptojackers is to simply keep everything up to date. Regularly log into your router and check for firmware upgrades, and set automatic updates on your computers, tablets, and mobile devices.
In addition to updating your hardware, consider installing an ad blocker or script blocker. These will help to prevent cryptojacking scripts from running on web pages you visit that have been hacked. Don’t worry, these are super simple ways to protect yourself, and you can even check out our guide on how to protect yourself from cryptojackers.

A Dangerous Business

Cryptojacking is incredibly dangerous for victims, as it can cause a number of serious issues. The most common issue is the degraded performance of your machine or device. The cryptojacking scripts will consume up to 90% of your CPU power, meaning only 10% of the CPU cycles are being dedicated to tasks you want it to complete. This then generates extra heat and can cause parts to die prematurely, costing you a lot of money to fix or replace. On top of that, you have power and internet bills. Transmitting the data back and forth between your machine and the cryptojackers will eat up your upload and download limits fairly quickly. So, if you don’t want to get hit with a huge bill, keep yourself safe.
Cryptojacking is becoming more common place, so it’s time to take a stand against it. Google is taking the first steps to help the general public stay safe from cryptojacking, but more needs to be done. All browsers and app stores need to scan apps for this type of code and ban these apps from the stores immediately. Let’s hope Google starts a trend and can trigger the end of cryptojacking once and for all.