The next case of mining using malware was detected on YouTube last week. Anonymous hackers managed to integrate into the commercials on YouTube a program that initiated the process of mining, which consumed the power of the processor and the electricity of visitors to the site, extracting crypto-currencies for intruders.
This week, users began to publish complaints on social networks, informing that their antivirus programs found the code for cryptocurrency mining in commercials that were shown to them on Youtube.
Our top trading bots
An independent security researcher, Troy Mursch, told :
YouTube was likely targeted because users are typically on the site for an extended period of time. This is a prime target for cryptojacking malware, because the longer the users are mining for cryptocurrency the more money is made.
According to the report of cyber security company Trend Micro, attackers managed to build a malicious program on YouTube through the Google DoubleClick advertising platform. The ads were broadcast on computers of target users from Japan, France, Taiwan, Italy and Spain.
90% of ads-used the JavaScript code provided by Coinhive, a controversial platform for mining cryptocurrency, which allows its subscribers to earn revenue by unauthorized use of the computing power of other people's computers.
In response to complaints from users, Google, the owner of YouTube, announced that the situation was resolved within a few hours. The company writes in an e-mail message:
The ads were blocked in less than two hours, and the attackers were quickly removed from our platforms.
The exact time frame for the events is not provided by Google. However, Trend Micro claims that warnings about mining in ads began to appear on January 18.
Earlier this month, Check Point, a cybersecurity company, published a report on the dramatic increase in the distribution of malware for crypto mining, saying that 55% of companies around the world are subject to these attacks. In the report, Coinhive was declared the first among the most wanted malicious programs.
Information Source: Bitcoinist