Cryptocurrencies have been gaining a lot of attention lately. While there are hundreds of different kinds of currencies, bitcoin has been getting the most coverage, mainly due to its volatility. Although there are plenty of people who simply purchase the currency online or from ATMs, there are also plenty of others that mine it. For some, mining is a great way to earn a passive income, but can often have a high start-up and maintenance cost. But what if you could mine currency using other peoples resources? While not a virtuous solution, some folks have taken to this method by injecting websites or ads with cryptocurrency mining code. While this is nothing new, cryptocurrency mining code was recently discovered hidden in ads that were placed on YouTube.
The findings were made apparent when folks took to social media to highlight that their antivirus software was flagging YouTube as a problem. The situation was further fleshed out when Trend Micro offered its two cents, explaining that ads from Google's DoubleClick platform were being abused, injecting web miners into ads found on the platform. The ad contains Javascript that mines Monero through Coinhive. While a visitor browses the page and enjoys the content of an infected website, it utilizes the computing resources of that user, consuming it at a high rate. It's unfortunate that a website like YouTube isn't better monitoring what kind of ads are being displayed, but this isn't the first time it has had such an issue.
Unfortunately, as is the anonymous nature of cryptocurrency, even digging further and finding the account that the coin is being mined, there really isn't a way to expose the culprit. Trend Micro stated that the problem started as early as January 18, which means that there could be quite a bit of Monero mined using other peoples resources since that time. Google also chimed in stating:
"Mining cryptocurrency through ads is a relatively new form of abuse that violates our policies and one that we’ve been monitoring actively. We enforce our policies through a multi-layered detection system across our platforms which we update as new threats emerge. In this case, the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms."
Ars Technica noted that while Google stated that the ads were blocked in less than two hours, there is a discrepancy in what was reported by users and Trend Micro, with the ads running for a few days, up to maybe a week. As cryptocurrencies become more popular, there is always a chance that this kind of activity will increase. Luckily, antivirus software companies like Trend Micro and others are doing there best to alert users when this kind of activity is occurring.
Source: Ars Technica
27 Comments - Add comment