The use of cryptocurrency mining scripts is increasing, they enable website owners to mine digital currencies by effectively hijacking an unsuspecting visitor’s CPU resources. Popular websites like The Pirate Bay have resorted to this method in order to mine Monero, a popular cryptocurrency. One wouldn’t expect to see ads on YouTube that had hidden scripts for this very purpose but it turns out some bad actors even used the world’s largest online video platform to mine Monero.
Reports of antivirus programs detecting cryptocurrency mining scripts on YouTube started surfacing online earlier this week. Since one wouldn’t expect Google of all companies to participate in such deception, it was evident that something wasn’t right.
Security researchers at the Trend Micro antivirus company said on Friday that these ads on YouTube drove a three-fold spike in web miner detections. They revealed that the people behind these ads were abusing Google’s DoubleClick ad platform to show the malicious ads to YouTube users in countries like France, Japan, Italy, and Spain.
According to one security researcher, they likely targeted because users typically spend a lot of time on the site. The longer users are on the site, the more time the script has to mine for cryptocurrency.
A Google representative said in a statement that mining cryptocurrency is a new form of abuse that violates the company’s policies and it’s actively monitoring this. “In this case, the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms,” the rep added.
Google didn’t say when these ads started being served on YouTube and when they ended as Trend Micro says that many ads with the same ad ran for as long as a week.