Malicious YouTube ads secretly slowed down computers and earned bitcoin alternative Monero for attackers



YouTube users’ computers were being slowed down by ads that hijacked them to secretly mine cryptocurrencies, security researchers say.

The ads forced them to help malicious actors earn the cryptocurrency Monero, a bitcoin alternative, by hogging their computer processing power.

The process is known as crypto-jacking, and it’s a growing problem.

“An analysis of the malvertisement-riddled pages revealed two different web miner scripts embedded and a script that displays the advertisement from DoubleClick,” said Trend Micro.

“The affected webpage will show the legitimate advertisement while the two web miners covertly perform their task. 

“We speculate that the attackers’ use of these advertisements on legitimate websites is a ploy to target a larger number of users, in comparison to only that of compromised devices.” 

90 per cent of the time, the malicious adverts would launch a miner called Coinhive, while in the remaining 10 per cent of cases, a private web miner would be used.

Each would covertly use up 80 per cent of victims’ computer processing power for mining, resulting in the machine running much slower than normal.

What’s more, Trend Micro says the adverts that appeared on YouTube helped drive up the volume of cryptojacking incidents involving Coinhive by almost 285 per cent.

“Attackers abused Google’s DoubleClick, which develops and provides internet ad serving services, for traffic distribution,” the company added. 

“Data from the Trend Micro Smart Protection Network shows affected countries include Japan, France, Taiwan, Italy, and Spain.”

Google has now blocked the adverts from YouTube.

“Mining cryptocurrency through ads is a relatively new form of abuse that violates our policies and one that we’ve been monitoring actively,” a Google spokesperson told The Independent

“We enforce our policies through a multi-layered detection system across our platforms which we update as new threats emerge. In this case, the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms.”

We’ve teamed up with cryptocurrency trading platform eToro. Click here to get the latest Bitcoin rates and start trading. Cryptocurrencies are a highly volatile unregulated investment product. No EU investor protection. 75% of retail investor accounts lose money when trading CFDs.



READ SOURCE

READ  Coinbase OMG Launch, IG Outage, CFH Aus Expansion: Editor’s Pick - Finance Magnates

LEAVE A REPLY

Please enter your comment!
Please enter your name here