81078
Google confirmed the breach of YouTube’s ad policies.
Google confirmed the breach of YouTube’s ad policies.

YouTube Hosted Malicious Crypto-Mining Ads

YouTube Hosted Malicious Crypto-Mining Ads

Google has said it is developing new techniques to detect malicious crypto-mining adverts after YouTube was caught displaying them to unsuspecting users. Ad-based miners are a new form of malware that generate revenue while slowing down the user’s device.
The ‘malvertizing’ campaign was detailed by security firm Trend Micro in a blog post late last week. It was large enough to create a temporary tripling in the number of active Coinhive miners. Coinhive is a service which provides JavaScript cryptocurrency mining scripts that can run inside web browsers, Digital Journal reported.
Analysis of the surge in traffic revealed it was originating from adverts hosted on Google’s DoubleClick network that were displayed alongside YouTube videos. As unknowing users browsed the site and watched content, the ads silently mined coins of the Monero cryptocurrency for the attackers. It is impossible to determine how many coins the campaign could have mined.
The scripts were configured to use up to 80% of the device’s CPU power, implying the attacker was trying to avoid detection. Because cryptocurrency mining is a performance-intensive operation, the user is likely to notice significant performance slowdowns on their device. The processor throttling prevents the script from consuming all the device’s resources, which could mitigate some of the slowdowns and prevent the user from noticing.
Ads that employ cryptocurrency mining scripts to create revenue are a new form of attack that first gained attention last year. Streaming services such as YouTube are ideal targets because users tend to spend a long time on each page. While watching a YouTube video, an ad could be displayed uninterrupted for multiple minutes at a time, maximizing coin production.
In a statement last week, Google confirmed the breach of YouTube’s ad policies and said it is taking steps to prevent future similar campaigns. The company claimed it removed the ads “in less than two hours,” although it has not clarified the timeline of events.
There are steps users can take to prevent the activity, such as installing a browser security extension. This can help to minimize the attack’s impact and prevent websites from consuming excessive resources.

Short URL : https://goo.gl/rNNBrL
  1. https://goo.gl/iLwqtL
  • https://goo.gl/RkokkX
  • https://goo.gl/pL65oL
  • https://goo.gl/ZdhaQJ
  • https://goo.gl/bsHPDC

You can also read ...

European Gov’ts Exploring Financial Channels for Iran
The French, British and German governments have told Iran they...
EU to Protect Firms in Iran Following US Refusal to Grant Waivers
EU countries on Monday gave European firms legal cover to...
Cuba Rolling  Out Mobile Internet Services
Cuba has started providing Internet on the mobile phones of...
$312m Paid in Travel Currency in 3 Months
A total of $312 million were allocated by the Central Bank of...
Wheelbarrow Tires Imported From Three Countries
Close to 853 tons of wheelbarrow tires worth more than $1.8...
Biggest Privatization Bid of the Year Set for July 31
Iranian Privatization Organization is scheduled to stage the...
Non-Oil Trade With China  Up 10%
Iran traded 7.38 million tons of non-oil commodities worth $5....
IMIDRO Outlines Q1 Downstream, Upstream Steel Performance
A total of 11.22 million tons of iron ore concentrate was...

Add new comment

Read our comment policy before posting your viewpoints

Trending

Googleplus