Another case of “cryptojacking” was detected on YouTube and resolved by Google over the course of this week, Ars Technica reported Friday, Jan. 26. According to the report, anonymous hackers have managed to run ads on YouTube that consumed the visitors’ CPU power and electricity in order to mine cryptocurrencies for the attackers.
The users started posting complaints on social media this week telling that their antivirus programs detected cryptocurrency mining code in the ads that have been displayed to them by Youtube.
According to the report of the cyber security company Trend Micro, the attackers have managed to place mining malware on YouTube via the Google DoubleClick advertising platform. The ads disproportionately targeted users from Japan, France, Taiwan, Italy, and Spain.
The vast majority - ninety percent - of ads were using JavaScript code provided by Coinhive, a controversial cryptocurrency mining platform that allows its subscribers to earn income by using other people’s computing power in an unauthorized manner.
As has been discovered by Trend Micro on Friday, the YouTube ads have been responsible for a threefold increase in Web miner detections worldwide.
In reaction to complaints from the users, Google - who owns YouTube - has announced that the situation has been resolved in a couple of hours. According to an email from the company, "the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms."
However, there is still no precise information about the timeframe of the events as Google didn’t provide any additional data, while Trend Micro claims that the warnings about the abusive ads started emerging as early as Jan.18.
Earlier this month, the software security firm Check Point issued a report about a sharp increase in the prevalence of crypto-mining malware, stating that 55% of businesses worldwide are affected by the attacks. The report declared Coinhive to be the number 1 “Most Wanted Malware.”