Published: Tue, January 30, 2018
Science | By Cecil Little

Cryptojacking Malware hits on major sites including YouTube

Cryptojacking Malware hits on major sites including YouTube

It mines Monero, a cryptocurrency that is easier to mine than Bitcoin. The latest network to be targeted by cryptojackers is Google's advertising service on YouTube. The code used about 80 percent of the viewers' CPU power to generate digital currency for anonymous hackers, all without the users' knowledge.

The issue first became apparent last week, after users complained that YouTube ads were raising red flags in anti-virus software and slowing down their PC.

Jen Selter Got Kicked Off a Flight
An Instagram celebrity was allegedly kicked off an American Airlines flight after having a heated argument with the pilot. A spokesperson for the airline told Newsweek Selter "was asked to leave the aircraft after a disagreement occurred".

"An analysis of the malvertisement-riddled pages revealed two different web miner scripts embedded and a script that displays the advertisement from DoubleClick", said Trend Micro.

We detected an nearly 285 percent increase in the number of Coinhive miners on January 24. According to Trend Micro, the cryptojacking campaign seems to have been active since 18 January, when they observed an increase in traffic to five malicious domains. "After closely examining the network traffic, we discovered that the traffic came from DoubleClick advertisements", it said. In the case of YouTube ads, 90 percent of the cases involve publicly-available CoinHive JavaScript, while the remaining 10 percent involves a private mining JavaScript that allows the hackers to save on the 30 percent fee CoinHive charges. Apparently, it didn't even matter which browser the users were watching from, Ars Technica reports. The company claims its product can help you "monetise your site visitors" by essentially sucking their CPU power and putting it into mining cryptocurrencies. This leaves the device barely functional. You could also consider running a script blocker or an ad blocker on some or all of your web browsers.

SpaceX ready for one more mission before Falcon Heavy's maiden launch
Interested in solar? Get a solar cost estimate and find out how much a solar system would cost for your home or business. How do I watch the launch? Tickets are available at the Kennedy Space Center visitors' complex.

Mining cryptocurrency through ads is a relatively new form of abuse that violates our policies and one that we've been monitoring actively. It added that they enforce their policies via a multi-layered detection system across their platforms which they update as more threats appear. A spokesperson for Google just confirmed that the ads were blocked in less than two hours and the malicious attackers were removed immediately from its platforms.

The part of the statement about the ads being blocked in less than two hours doesn't align with Trend Micro's assessment that the ad campaign has been a problem for at least a week. Like the ads analyzed by Trend Micro and posted on social media, it mined Monero coins on behalf of someone with the Coinhive site key of "h7axC8ytzLJhIxxvIHMeC0Iw0SPoDwCK".

Melania Trump's Spokesperson Has Addressed All Those Infidelity Rumors
Prior to Thursday's museum visit, Melania Trump had only been heard from on her social media channels this month. On the Trumps' 13th wedding anniversary Monday, neither acknowledged the special day on Twitter .

Like this: