Published: Вт, Января 30, 2018
Science | By Cecil Little

Cryptojacking Malware hits on major sites including YouTube

Cryptojacking Malware hits on major sites including YouTube

It mines Monero, a cryptocurrency that is easier to mine than Bitcoin. The latest network to be targeted by cryptojackers is Google's advertising service on YouTube. The code used about 80 percent of the viewers' CPU power to generate digital currency for anonymous hackers, all without the users' knowledge.

The issue first became apparent last week, after users complained that YouTube ads were raising red flags in anti-virus software and slowing down their PC.

"An analysis of the malvertisement-riddled pages revealed two different web miner scripts embedded and a script that displays the advertisement from DoubleClick", said Trend Micro.

Читайте также: Melania Trump's Spokesperson Has Addressed All Those Infidelity Rumors

We detected an nearly 285 percent increase in the number of Coinhive miners on January 24. According to Trend Micro, the cryptojacking campaign seems to have been active since 18 January, when they observed an increase in traffic to five malicious domains. "After closely examining the network traffic, we discovered that the traffic came from DoubleClick advertisements", it said. In the case of YouTube ads, 90 percent of the cases involve publicly-available CoinHive JavaScript, while the remaining 10 percent involves a private mining JavaScript that allows the hackers to save on the 30 percent fee CoinHive charges. Apparently, it didn't even matter which browser the users were watching from, Ars Technica reports. The company claims its product can help you "monetise your site visitors" by essentially sucking their CPU power and putting it into mining cryptocurrencies. This leaves the device barely functional. You could also consider running a script blocker or an ad blocker on some or all of your web browsers.

Mining cryptocurrency through ads is a relatively new form of abuse that violates our policies and one that we've been monitoring actively. It added that they enforce their policies via a multi-layered detection system across their platforms which they update as more threats appear. A spokesperson for Google just confirmed that the ads were blocked in less than two hours and the malicious attackers were removed immediately from its platforms.

The part of the statement about the ads being blocked in less than two hours doesn't align with Trend Micro's assessment that the ad campaign has been a problem for at least a week. Like the ads analyzed by Trend Micro and posted on social media, it mined Monero coins on behalf of someone with the Coinhive site key of "h7axC8ytzLJhIxxvIHMeC0Iw0SPoDwCK".

При любом использовании материалов сайта и дочерних проектов, гиперссылка на обязательна.
«» 2007 - 2018 Copyright.
Автоматизированное извлечение информации сайта запрещено.

Код для вставки в блог

Like this: