In order to mine cryptocurrencies, computer processing power of Youtube Ad views is being harnessed by the hacking community. This mining exercise is done through a malware attack which is known as ‘cryptojacking’. Google’ advertising services are believed to be used to target users.
YouTube, an American video-sharing website based in San Bruno, California, serves ads that can secretly percolate off its users’ CPUs as well as power to mine digital currencies. It has been reported that YouTube innocently does this on behalf of unidentified attackers.
According to Ars Technica, the issue first raised last week after social media users reported that YouTube ads were activating their anti-virus software. These ads were found to have mining code called CoinHive that secretly used up to 80% of visitors’ central processing units to generate digital currency for unidentified hackers.
Japan, France, Taiwan, Italy and Spain are the countries which users are believed to be affected. Researchers from anti-virus provider Trend Micro found the abuse of Google’s DoubleClick advertising platform drove a three-fold increase in the number of people using CoinHive on January 24.
How cryptojacking works?
By definition cryptojacking is a form of cyber attack in which a hacker hijacks a target’s processing power in order to mine cryptocurrency on the hacker’s behalf.
The latest network being targeted by cryptojackers is none other than Youtube, Google’s advertising service.A cryptojacker creates a clear account and submits a clean ad to Youtube. After Youtube approves it, the ad goes live. Concealing procedures are used to undermine Youtube’s system to swap the clean ad to another one that has a malicious script in it.
After a few hours, the ad will be detected and taken down. The cryptojacker’s account will be deleted and then a new clean account will be created and all the steps will be repeated.
Statements from the Industry
In a statement to Gizmodo, a spokesperson for the tech giant said that, while relatively new, mining cryptocurrency is an exercise the tech firm are reviewing closely. “We enforce our policies through a multi-layered detection system across our platforms which we update as new threats emerge,” the spokesperson said. “In this case, the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms.”
Cryptojacking has been a mounting problem for online businesses in recent years, as it’s proving an effective way of creating money in places where people are less likely to pay up following a ransomware attack. Instead of wanting a payout to release a victim’s data, the hackers can make use of the victim’s machine to mine cryptocurrency.
According to CyberScoop, cryptomining malware is the most commonly found infection in countries such as Ukraine, Bulgaria, Romania and Greece.
“Ransomware is the number one infection globally,” Bogdan Botezatu, the senior threat analyst at the cybersecurity firm Bitdefender, told the website. “Cryptominers rank second.”
On a previous occasion, In February 2018, a Spanish cybersecurity firm, Panda, wrote that a cyrptojacking script known as WannaMine had spread to “computers around the world.” The malware was being used to mine Monero, a cryptocurrency that is notable for its ability to mine using CPUs while actually having some value in fiat terms.