Por lo visto@YouTubees
muy gracioso y no le bastaba con bajarnos la audiencia, ahora
dispositivos para minar Monero! De verdad,@Google!
Que leeches estáis haciendo con YouTube??pic.twitter.com/NzMUMlArJs
On Friday, researchers with
antivirus provider Trend Micro said the ads helped drive a more
than three-fold spike in Web miner detections. They said the
attackers behind the ads were abusing Google's DoubleClick ad
platform to display them to YouTube visitors in select countries,
including Japan, France, Taiwan, Italy, and Spain.
that mines the digital coin known as Monero. In nine out of 10
Coinhive, a cryptocurrency-mining service that's controversial
because it allows subscribers to profit by surreptitiously using
the computers of other people. The remaining 10 percent of the
attackers the 30 percent cut Coinhive takes. Both scripts are
programmed to consume 80 percent of a visitor's CPU, leaving just
barely enough resources for it to function.
"YouTube was likely targeted
because users are typically on the site for an extended period of
time," independent security researcher Troy Mursch told Ars. "This
is a prime target for cryptojacking malware, because the longer
the users are mining for cryptocurrency the more money is made."
Mursch said acampaign from Septemberthat
used the Showtime website to deliver cryptocurrency-mining ads is
another example of attackers targeting a video site.
To add insult to injury, the
graphics in displayed ads for fake AV programs, which scam people
out of money and often install malware when they are run.
The above ad was posted on Tuesday.
Like the ads analyzed by Trend Micro and posted on social media,
it mined Monero coins on behalf of someone with the Coinhive site
key of "h7axC8ytzLJhIxxvIHMeC0Iw0SPoDwCK." It's not possible to
know how many coins the user has generated so far. Trend Micro
said the campaign started January 18. It's not clear if Google has
managed to start blocking the ads yet. Representatives weren't
immediately available to comment for this post.
As theproblem of Web-based
cryptomining has surgedto
almost epidemic proportions, a variety of AV programs have started
warning of cryptocurrency-mining scripts hosted on websites and
giving users the option of blocking the activity. While drive-by
cryptocurrency mining is an abuse that drains visitors' electricity
and computing resources, there's no indication it installs
ransomware or other types of malware, as long as people don't click
on malicious downloads.