Beware! This Is The First Firefox Extension That Injects Crypto Miner In Your Browser

In-browser mining services like CoinHive have given an easy-to-setup tool to notorious players who wish to hijack your CPU cycles and print free money. There are ways to curb this cryptojacking but new services keep mushrooming to target novice as well as experienced users.

For the first time, a Firefox add-on has been spotted that injects an in-browser miner. Detected by Bleeepingcomputer’s Lawrence Abrams, this extension is called Image Previewer. To infect the systems, the addon spreads via malicious websites that pretend to deliver a manual Firefox update.

When a user gets tricked into installing the update, the Image Previewer Addon is added to the browser. Once installed, the addon injects an iframe to a JS file that earns dollars via ad injection, link clickjacking, and popups.

The next step involves downloading the setup script for in-browser Monero miner. The xmr.main.min.js script contains the base64 encoded WebAssembly code that runs and mines Monero digital coins by exploiting 50% of CPU processing power.

To remove the extension, you can access the Firefox menu and delete the Image Previewer add-on. If you’re running Firefox and it’s consuming tons of memory, it’s advisable to perform a quick check. The users are also advised to only install extensions from official Mozilla Add-on repository.

Will cryptojacking turn out to be the biggest threat of 2018? Let us know your views and stay safe.

Also Read: How Did Google Wipe Out 700,000 Malicious Android Apps From Play Store? Using Artificial Intelligence