Earlier this month, CCN reported on The Pirate Bay’s efforts to use visitor CPU to mine Monero in order to monetize the website’s traffic. The torrent index was using Coinhive, a JavaScript code that allows website admins to mine the anonymity-centric cryptocurrency using visitor resources.

Ever since The Pirate Bay used the code, various bad actors decided to seize the opportunity and start preying on people’s CPUs to mine the cryptocurrency, without asking them for consent. Recently, a Google Chrome extension dubbed “Short URL (goo.gl)” was caught using the JavaScript code by Node.js software engineer Alessandro Polidori.

Polidori was alerted by his network’s security tools, and decided to dig a little deeper into the extension. He found it was downloading and running a file named cryptonight.wasm from Coinhive to secretly mine the cryptocurrency.

The plugin’s developers didn’t mention the presence of the cryptocurrency miner in the URL shortener and, as such, Polidori decided to make sure nothing was tampered with and installed it to a new Chrome instance. He found out that, once again, his CPU usage was at 95 percent whenever Chrome was opened. He stated: