Beware viewers! Hackers conquer YouTube ads to mine ‘cryptocurrency’
A cryptocurrency miner somehow managed to sneak into YouTube in an attempt to secretly drill out the computing power from any YouTube viewers who came across the ads.
The attack—which can cause a victim’s machine to kick into high gear as the processor works to generate digital currency—hit users around the world, including YouTube viewers in Japan, France, Taiwan, Italy and Spain.
YouTube users took to social media to complain about the issue, noting the presence of the code caused computers to run slowly and overheat.
Cybersecurity firm Trend Micro said the advertisements laced with hidden code resulted in three times more detections of crypto mining scripts than normal during the period it was active.
The advertisements, which were served through Google’s own DoubleClick advertising platform, used scripts that mine for a digital coin called Monero—a cryptocurrency that has gained popularity (and value) due to its process that keeps transactions totally anonymous and effectively untraceable.
Any time a person visits the site, the script kicks in and starts to hijack the processing power of the visitor’s computer, using it to mine for Monero—a task that involves solving complicated mathematical problems in order to process transactions and release additional currency.
Often times, cryptojacking behaviour can go unnoticed by a user. The fan on their computer might kick in or they may notice their browser start to feel sluggish, but there is no intrusive behaviour that would tip off an individual they are being used to generate cash for someone else. Generally speaking, it is annoying but not a harmful attack—though there have been instances of cryptomining destroying mobile devices.
It still remains a mystery how the miners sneaked into YouTube.