A report from Ars Technica has revealed that anonymous hackers have been running ads on YouTube that consumed the users’ CPU power and electricity to mine cryptocurrencies for the attackers. The You Tube users started posting complaints on the social media stating that their respective antivirus programs are detecting crypto-mining code in the ads that are displayed by YouTube.
According to another report from the cyber security company Trend Micro, attackers successfully managed to place crypto-mining malware on YouTube through Google DoubleClick ads platform. The ads are specific users from Japan, Taiwan, Italy, Spain, and France.
The large percent of ads are using the JavaScript code supplied by the Coinhive, which is a contentious cryptocurrency mining platform the enables its subscribers to earn returns by relying on other people’s computer power in an unlawful manner.
Trend Micro discovered that YouTube ads are responsible for an increase in the Web miner detections across the world. However, Google which owns YouTube responded to the client’s complaints by resolving the problem within a short period of time. Basing on the email from Google, the suspected ads were immediately blocked in less than two hours and the malicious actors were automatically removed from the firm’s platform.
Although it’s not clear how long the ads have been running on YouTube since Google didn’t provide additional data, Trend Micro states that the complaints about the abusive ads were first reported in early January 2018.
In January, Check Point issued a report about the significant increase in the crypto-mining malware and stated that the 55% of companies across the globe are being attacked by hackers. The report also highlighted Coinhive to be the ‘Most Wanted Malware’ in the world.
People who use Google Chrome browser are extended to a browser known as the Archive Poster which exposes their PCs to the crypto-mining attacks without even the users being aware of it. The extension browser which allows the users to reblog, draft, like posts right from the Archiver was actually hijacking the processing power in the PCs and using it to mine the cryptocurrencies.