Google Chrome ships a default, hidden extension that allows code on *.google.com access to private APIs, including your current CPU usage - eviltoast
  • abbadon420@lemm.ee
    link
    fedilink
    arrow-up
    12
    ·
    4 months ago

    Here’s the plan. You write an extension for chrome that makes chrome think all traffic from [cryptominingcentral.com] is actually from *.google.com. Make folks install the plugin via the tried and tested methods like phishing. … profit

    • authorinthedark@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      7
      ·
      4 months ago

      couldn’t you do that anyway if you can get people to install an extension? taking advantage of this for crypto mining purposes feels like extra steps