Cryptocurrency has become a trend lately where millions of people are using crypto mining to generate hefty revenues. However, evil has found the latest method to use YouTube ads for crypto mining on YouTube.
— Neville Hobson (@jangles) January 27, 2018
Trend Micro, a security firm noted that the CPU draining crypto-mining ads started appearing on Google’s advertising service, YouTube, on Wednesday. A number of users complained that their antivirus software got triggered by these ads on YouTube as the mining scripts tried to hack their CPU’s in order to mine cryptocurrency.
The whole world was affected by cryptojacking, however, users from Japan, Spain, Italy, Taiwan and France were targeted the most by the cryptojacking ads, according to Trend Micro.
The antivirus software recognized the piece of script from a service called CoinHive. The script was designed to mine the Monero cryptocurrency. The script was originally built to be used ethically, which means that users and the networks (on which the ads were displayed) were notified of the use. However, some bad actors made few changes in the script and used it unethically, without any notification.
Trend Micro reported that the attackers behind the ads abused Google’s Double-click ad platform and used about 80 percent of a users’ CPU processing power without any notice.
As soon as Google became aware of the act, it immediately took down the malicious ads from YouTube.
“Mining cryptocurrency through ads is a relatively new form of abuse that violates our policies and one that we’ve been monitoring actively. We enforce our policies through a multi-layered detection system across our platforms which we update as new threats emerge. In this case, the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms,” the company said in a statement.
Despite Google’s claim that it blocked the ads immediately within hours, Trend Micro wrote that the cryptojacking ads stayed on the network up to a week.
Now, this indicates that sites like Google are unable to detect and stop these abusive scripts from appearing on their advertisement platforms.
Cryptojacking, has become a serious issue but it may become worse and more frequent with the increase in cryptocurrency prices.