YouTube has been briefly caught out by adverts that sought to mine valuable crypto-coins using visitors’ computers.
The malicious adverts were spotted by security firm Trend Micro, which watches crypto-cash malware. The adverts included computer code that helped them mine the Monero crypto-currency. The rapid rise in the value of crypto-coins has prompted many cyber-crime gangs to try and cash in by using innocent machines to generate the cash.
The gangs are keen to get malicious code on lots of computers because most crypto-currencies rely on large networks of machines to verify transactions and generate new coins. The more machines working for them, the more coins they can extract.
Chaoying Liu and Joseph Chen from Trend Micro said the first sign of the campaign was a sudden tripling of the number of malicious coin-mining scripts the company caught.
Investigating the increase, the pair found a lot of advertisements that contained code for a well-known miner called Coinhive. “Attackers abused Google’s DoubleClick, which develops and provides internet ad serving services, for traffic distribution,” said the researchers.
On victims’ machines, when the mining script was triggered it would use 80% of the computer’s processing power to generate coins.
Trend Micro said it passed on its findings to Google who said it been “actively monitoring” this type of malware campaign. “In this case, the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms,” it said in a statement. Security researcher Chris Boyd, from anti-virus maker Malwarebytes, said the rapidly rising value of crypto-currencies such as Bitcoin had proved irresistible to many cyber-criminals. “Coin-mining has proven to be quite the craze,” he said.
It had become so popular because it involved less work than was required by many other scams, he added. “If you are into scams and malware and hijacks, you are always looking for the path of least resistance,” he said.