New Requirements For Chrome Extensions To Protect Users From Crypto Attacks
Google will introduce stricter requirements for developers of Chrome extensions with an aim of minimizing risks of possible crypto attacks, according to the official blog post of the browser team.
By applying more stringent rules for extensions, Google representatives intend to constrain the risk of crypto attacks and malicious mining programs that allow fraudsters to use other people's devices to mine digital coins.
The Google team emphasizes in the post that, first of all, users need to be confident in the security of Google Chrome extensions, thereby taking full advantage of the transparency of all functions and access to the database.
By using different browser versions, for instance, Chrome 70, which is in the phase of beta testing, such procedures will allow users to restrict access for hosting platforms to the list of their websites or configure extensions so that this access requires user permission.
The Google team also explained that because of the emerging number of Chrome extensions, there are more and more situations when they may be used for fraudulent purposes.
Starting from October 1, Chrome Web Store will no longer accept the proposed extensions with difficult, not applicable for analysis code. Nearly two thirds of the malicious Web Store extensions prevented by the Google team have overly complicate coding.
Next year, extensions developers' accounts should be protected by a two-step verification system, which is the final stage of the security system introduced by the Google team.
As previously reported, hackers deceived users and developers of the MEGA platform by introducing a fake extension in the Chrome browser.