Attackers are using YouTube ads to illegally mine cryptocurrencies on users’ CPUs according to reports and complain that came up this week.
This was confirmed by researchers from Trend Micro, an antivirus provider. The researchers said attackers are abusing Google’s DoubleClick ad platform to display ads to YouTube visitors in countries such as Japan, France, Taiwan, Italy, and Spain.
“This is a prime target for crypto jacking malware because the longer the users are mining for the cryptocurrency. The more money is made,” Troy Mursch who is an independent security researcher says Arstechnica. He cited an example of a campaign that used Showtime website to deliver cryptocurrency mining ads as another example of attackers targeting a video site.
They said the campaign started on January 18
The attackers are targeting YouTube because it attracts millions of visitors and people spend considerable time watching videos on it. The report came after many people complained that their antivirus programs were detecting cryptocurrency mining codes when they visited YouTube.
Users posted ads on social media and forums, including a case where one was using to mine Monero coins. Thus, on behalf of a Coinhive user with a site key of “h7axC8ytzLJhIxxvIHMeC0Iw0SPoDwCK”. It was not possible to know how much coins they got from the illegal activity. The software drains users of their computer resources and electricity.
These are programs that install malware and scam people out of money when run.