Nowhere to run, nowhere to hide: cryptojacking now on Youtube

A video streaming service is a perfect place to launch a cryptojacking script. Users watch videos, and their computers are busy mining cryptocurrencies for the script’s owner. Youtube is a video platform with a huge audience, but unfortunately its owner Google is too selfish to let anyone run a mining script there.

But it lets people run ads inside Youtube videos! So, it is simple: a villain enriches an ad with a piece of Javascript code and displays it through the Double Click ad platform that also belongs to Google. Since he is evil and greedy, he adds a fake antivirus ad that would provoke people to download malware.

This malvertising campaign was exposed last week. Youtube users started complaining in social media that their antiviruses had warned about mining attempts while they were watching videos. The researchers from the security company Trend Micro saw the number of Coinhive web miner detections triple due to the campaign.

This is not the first case of combining the threats: malvertising has already proved itself as a means of cryptojacking code delivery. Just two weeks ago we wrote about hacked ads that mined Monero as well.

Ludmila Kudryavtseva on Cryptojacking
January 29, 2018
Comments are powered by Disqus. By downloading the comments you agree the terms and policies of Disqus
Browsers join ad blockers in the fight for safe and comfortable web — but are not ready to replace them

Good news from browsers keeps coming. Mozilla has recently added opt-in tracking protection in the new version of Firefox Quantum. Previously the protection worked only in the Private Browsing mode, now it can be turned on in settings and be active all the time. Besides privacy protection, the option provides faster web experience, it takes less time for web pages to load without trackers.

Fake ad consortium generated 1 billion malvertising impressions last year

Zirconium, a group of 28 fake ad agencies, has been exposed by security researchers from Confiant. They built business relationships with 16 ad platforms and generated a billion impressions (ad views), showing among other things fake software update requests and all sorts of tech support scam.