t’s being reported by gHacks that a popular Chrome extension named SafeBrowse has been found running a crytpo-mining module in the background. The mining activity keeps running in the background when the browser is running and the extension is enabled. If you’ve installed the latest updated version of this extension, you might be seeing an increased CPU usage when Chrome web browser is running. The extension makes connections to coin-hive.com.

In the latest development, SafeBrowse has been removed from Chrome Web Store. Prior to that, it had about 150,000 users. While this Chrome extension was mining Monero crypto coins without user notifications, it was installed via a legitimate path. It’s possible that in future, crypto mining extensions could also be installed using a malware attack.

The websites of US telly giant CBS's Showtime contained JavaScript that secretly commandeered viewers' web browsers over the weekend to mine cryptocurrency. The flagship Showtime.com and its instant-access ShowtimeAnytime.com sibling silently pulled in code that caused browsers to blow spare processor time calculating new Monero coins – a privacy-focused alternative to the ever-popular Bitcoin. The hidden software typically consumed as much as 60 per cent of CPU capacity on computers visiting the sites. The scripts were written by Code Hive, a legit outfit that provides JavaScript to website owners: webmasters add the code to their pages so that they can earn slivers of cash from each visitor as an alternative to serving adverts to generate revenue. Over time, money mined by the Code-Hive-hosted scripts adds up and is transferred from Coin Hive to the site's administrators.

The JavaScript, which appeared on the sites at the start of the weekend and vanished by Monday, sits between HTML comment tags that appear to be an insert from web analytics biz New Relic. Again, it is unlikely that an analytics company would deliberately stash coin-mining scripts onto its customers' pages, so the code must have come from another source – or was injected by miscreants who had compromised Showtime's systems.