Cryptocurrency is the new hot commodity with both mainstream and underground users clamoring for it. The need for cryptocurrency seems high enough that hackers are now using YouTube ads to hijack computers and use them to mine it. Security researchers have discovered that anonymous attackers are injecting code into YouTube ads that will take control of a target computer’s CPU, often resulting in the PC to run hot and fast. So far YouTube viewers in Japan, France, Taiwan, Italy, and Spain seem to have been affected.
YouTube users took to social media to complain about the issue, noting the presence of the code caused machines to run less efficiently and overheat. Cybersecurity firm Trend Micro said the advertisements laced with hidden code resulted in three times more detections of cryptomining scripts than normal during the period it was active.
The ads in question have been served by Google itself, via its popular DoubleClick ad network. The scripts that are hidden inside are mining for a digital currency called Monero, which keeps transactions anonymous and untraceable. The attackers are also using popular mining software CoinHive. CoinHive is not a malicious software, but being that it is a mining software, hackers are using it in illegal ways.
Any time a person visits the site, the script kicks in and starts to hijack the processing power of the visitor’s computer, using it to mine for Monero—a task that involves solving complicated mathematical problems in order to process transactions and release additional currency.
The practice of hijacking computers to mine cryptocurrency is called cryptojacking. The only sign that you may have been targeted is that your PC’s fans may kick in hard or your system may feel slow and unresponsive. This is due to the high processing needs of mining digital currency. It is important to note that these attacks are usually not harmful to privacy but they are frustrating when the commandeer your PC’s processor.
YouTube and Google have yet to make a comment on the situation and are likely launching their own internal investigations. It makes one wonder if these cryptojackers will use DoubleClick to hijack other devices like mobile phones and tablets. Could they possibly inject their code into apps? Popular apps like a restaurant ordering app or a navigation app that run ads could be prime targets.
Last Updated on January 29, 2018.