Cryptocurrency miners found a new way of using other people’s computers to give their cryptocurrency mining a boost: running ads on YouTube that consume visitors’ CPU power.
An Ars Tecnica report published on Friday revealed that certain ads on YouTube were found to “covertly leach off visitors’ CPUs and electricity to generate digital currency on behalf of anonymous attackers.”
Some of the affected YouTube users went to social media about how their antivirus programs were detecting cryptocurrency mining code in certain ads that popped up whilst watching Youtube.
— Diego Betto (@diegobetto) January 25, 2018
The attackers placed the malware on YouTube with the Google DoubleClick advertising platform.
The ads targeted users from Japan, France, Taiwan, Italy, and Spain, according to data from the Trend Micro Smart Protection Network.
A Google representative told Ars Tecnica that the ads were taken down in less than two hours and the attackers were subsequently removed from its platforms:
“Mining cryptocurrency through ads is a relatively new form of abuse that violates our policies and one that we’ve been monitoring actively.
“We enforce our policies through a multi-layered detection system across our platforms which we update as new threats emerge.
“In this case, the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms.”