Hackers are using YouTube Ads to Mine Monero Cryptocurrency


Did you visit YouTube from January 18th to January 26th? There is a chance your browser was used by hackers to generate Monero cryptocurrency.

Since the value of Bitcoin has increased hackers and cybercriminals are taking advantage of every situation they can use to make easy money. This time, however, in a shocking event it has been identified that ads on Google’s YouTube, a popular video-sharing website, were using computing power (CPU) of its visitors to generate Monero cryptocurrency without their knowledge or permission.

CoinHive Code On YouTube Ads

It all started on January 25th when an Italian web developer Diego Betto, Tweeted that while visiting YouTube he noticed his CPU usage suddenly increased hinting at the presence of cryptocurrency minor on the site. On further analysis, Betto found out YouTube ads were infected with CoinHive JavaScript code to mine Monero.

Hackers are using YouTube Ads to Mine Monero Cryptocurrency
                                                                                                                      Diego Betto’s CPU usage on YouTube
CoinHive is a company that provides cryptocurrency miner, which sends any coins mined by the browser to the owner of the website, application or extension. Since September 2017 there have been more than 5000 websites that have been compromised to mine Monero through CoinHive.

On the other hand, CloudFlare considers the secret use of CoinHive code as using malware against site visitors. To prove its point, the security firm booted off one of its customers in October for using the CoinHive code and not allowing users to opt out of it or disable the code.

Was YouTube Compromised?

In a conversation with ArsTechnica, YouTube acknowledged the misuse of its ads but claims that the infected ads were blocked within two hours and malicious actors were also removed from its platforms.

“Mining cryptocurrency through ads is a relatively new form of abuse that violates our policies and one that we’ve been monitoring actively. We enforce our policies through a multi-layered detection system across our platforms which we update as new threats emerge. In this case, the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms.”

To read the original article:



Laisser un commentaire

Next Post

ATM "jackpotting" hacks start targeting U.S. cash machines

WASHINGTON, Jan. 29 (Xinhua) — World’s leading ATM makers have warned of “jackpotting” attacks against U.S. cash machines in the wake of the country’s first confirmed hacks, according to a media report. ATM jackpotting is a sophisticated hack that thieves gain physical access to the machine and, with the help […]