YouTube has plugged a hole in its video platform that allowed adverts to surreptitiously siphon a user’s computer power to mine cryptocurrency.
Security firm Trend Micro discovered that adverts on YouTube appeared to be leaching power from the processor of a the computer or laptop on which YouTube was being accessed on.
The culprit was found to be malicious adverts that contained a hidden script for the Coinhive cryptocurrency miner, which quietly taped into a CPUs power to crunch the calculations needed to generate digital currencies like Bitcoin and Monero.
Trend Micro found that the malicious adverts had got onto YouTube by infiltrating Google’s DoubleClick network, which distributes advertising across the search giant’s sites and services.
Related: Bitcoin price
The security company quickly informed Google, which moved to seal the hole it had in its advertising network.
“Mining cryptocurrency through ads is a relatively new form of abuse that violates our policies and one that we’ve been monitoring actively,” said a Google spokesperson.
“We enforce our policies through a multi-layered detection system across our platforms which we update as new threats emerge. In this case, the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms.”
However, various people tweeting about encountering such adverts on YouTube, including how the malicious ads had been detected by some anti-virus software, would indicate that such sneaky cryptocurrency mining went on for around a week before it was knocked on its head.
Hey @avast_antivirus seems that you are blocking crypto miners (#coinhive) in @YouTube #ads
Thank you 🙂https://t.co/p2JjwnQyxz— Diego Betto (@diegobetto) 25 January 2018
With the surging popularity of cryptocurrency, such clandestine mining referred to as ‘cryptojacking’, isn’t likely to go away anytime soon, especially if hackers can make an easy buck without too many people noticing.
Did you encounter any cryptocurrency mining adverts on YouTube? If so, let us know on our Facebook page or tweet @TrustedReviews.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
