Home News YouTube Ads Hacked to Mine Cryptocurrencies!

YouTube Ads Hacked to Mine Cryptocurrencies!

written by Nathan Richardson January 29, 2018
Monero Cryptocurrency Mining Stolen Money Youtube Ads

This week, YouTube users discovered that their beloved media website was laden with some nasty surprises hidden in its ads. Hackers abused Google’s system and planted command scripts into YouTube ads with the intent of cryptocurrency mining and theft. Not only were user’s currencies mined, but their computer’s power as well, bringing them to a snail’s pace.

What Happened to the YouTube Ads?

So, how do these scripts even work? When they were sneakily installed, the new ads, laden with these scripts, were mixed into the ad lineup. Anyone in Japan, Taiwan, Italy, France, and Spain who were on YouTube at the time were affected. These new ads ran over the victims’ browsers to mine for the cryptoccurrency known as Monero (XMR). These virtual coins are worth around $320 per coin at time of writing, and are highly sought after. Thanks to users that had the antivirus Avast, which somehow managed to pick up the threat, Google was able to find and eliminate the ads. The “bad actors”, as they put it, have been since removed from all Google-related platforms.

CoinHive Strikes Again

The program behind the attacks is known as CoinHive, a JavaScript cryptocurrency miner used on numerous websites. This program runs in the background of the installed website and offers ad-free experiences, game currencies, and anything else the site owner comes up with for incentives. So, the longer visitors stay on the site, the more money the owner earns from using their visitors’ computers’ processing power. While it could be used in positive ways, unfortunately more often than not, it is used as a hijacking program to steal money from websites and users alike. YouTube ads are only the most recent way that these hackers have used the program for theft.

Since the hijacking program works in a simple manner, more hackers have been trying it out. First, the hacker installs the program into their ad. Next, the ad is injected into the ad lineup. Finally, once it’s been seen and/or clicked by an unsuspecting victim, it is already too late. However, the one saving grace for this whole problem was Avast. It’s likely that these hackers didn’t expect a free internet antivirus to be thorough enough to find out their scheme. Make sure you have a good antivirus on your computer if you’re going to surf the web. Most of all, be very careful what ads you click on.

 

So, is Google‘s security flawed? Could other potentially worse threats arise in the future? How can we prevent hacking? Let us know your thoughts in the comments!


Source :

Ars Technica

Want more geek?