YouTube videos ads are being used by hackers to mine cryptocurrency using the Coinhive code usually found in websites. Viewers of YouTube videos are familiar with ads that play before a video gets to be seen. These ads also pop up while the video is streaming. Hackers apparently used these videos to mine computers and use its resources for the cryptocurrency.
According to Troy Mursch, an independent security researcher, YouTube was highly likely utilized due to the long periods of time users are present on the site – a characteristic cryptojacking malware prefers since the more time users are doing cryptocurency mining, the more opportunity it is to make money. Cryptojacking was first heard of last year when Coinhive released a script that allowed the Monero cryptocurrency to be mined anytime a webpage loaded. Torrenting site The Pirate Bay used the script to raise funds. Eventually, Coinhive duplicates began appearing online. Hackers also embedded the scripts in websites unbeknownst to its proprietors in order to mine money off of a site’s traffic.
Google, YouTube’s parent company, immediately dealt with the issue within two hours after they received information that ads were being utilized for Monero mining. However, cybersecurity company Trend Micro presented data that revealed the infected ads still ran for an entire week.
Google’s official statement reads: “Mining cryptocurrency through ads is a relatively new form of abuse that violates our policies and one that we’ve been monitoring actively. We enforce our policies through a multi-layered detection system across our platforms which we update as new threats emerge. In this case, the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms.”