Google’s Ban of Obfuscated Code From Web Store Extensions Likely to Affect Cryptojackers
Google’s new restrictions on Chrome Web Store extensions introduced Monday, October 1, are likely to affect cryptojackers.
In a blog post, Google confirmed that as of now, Chrome extensions submitted to the Web Store would not be allowed if they contained “obfuscated” code.
Aside from the security implications, obfuscated code, which the post describes as “mainly used to conceal code functionality,” “adds a great deal of complexity” to the process of reviewing extensions for approval.
Cryptojackers rely on the clandestine insertion of malicious malware into scripts, allowing them to mine for cryptocurrencies without those being hacked noticing. In May, cybersecurity firm Radware reported on several crypto mining malware Chrome extensions that had “inject[ed] a short, obfuscated malicious script” in order to “bypass Google’s extension validation checks.”
“Existing extensions with obfuscated code can continue to submit updates over the next 90 days, but will be removed from the Chrome Web Store in early January if not compliant,” Google’s Oct. 1 post reads, adding:
“Today over 70% of malicious and policy violating extensions that we block from Chrome Web Store contain obfuscated code.”
While not making specific references to any form of extension in particular, Google’s decision comes as reports of surreptitious use of apps, extensions and more to mine cryptocurrency surface with increasing regularity.
As Cointelegraph reported last month, 2018 has seen an almost 500 percent rise in reports of cryptocurrency mining malware.
“Obfuscation techniques also come with hefty performance costs such as slower execution and increased file and memory footprints,” Google added.