Google Removes Monero-mining Ads on YouTube

The ads contain a javascript that runs a mining malware, which in turn, mines the private cryptocurrency – Monero.

mining malware coinhive

Cryptomining malware ads managed to get past Google’s stringent system and got displayed to users through the video streaming giant YouTube.

The Mining Malware Ad

Through Google’s DoubleClick Ad platform, the attackers began targeting users from countries such as Japan, France, Spain, and Italy. The ads contain a javascript that runs a mining malware, which in turn, mines the private cryptocurrency – Monero.

In some instances, the advertisement displayed a warning – stating that the user’s computer was infected. Unsuspecting users may have clicked the ad and downloaded the fake program.

Google’s Swift Response

Google alerted users of the suspected ads, which it said violate its policies. (It is worth noting that users also reported the issue on social media). Google has reported blocking the ads in less than 2 hours. It also reported removing malicious actors from its platforms.

Google did not provide a timeline of how the events took place – from when the ads began appearing and when it was able to remove them completely. In a report of Security Firm Trend Micro – the ads first started appearing starting from January 18, 2018.

Coinhive

The Javascript is publicly available and is provided by Coinhive. Coinhive is a controversial mining software for mining Monero. When you embed it on a website, users who browse your website will run the javascript to mine Monero for you.

With the popularity and profitability of cryptocurrencies, hundreds or thousands of users have been susceptible to cryptocurrency scams. Scams range from modern versions of the classic Ponzi scheme or plain old adware and malware. Check out this article on how to protect yourself against bitcoin and cryptocurrency scams.

Sources: ArsTechnica, Cointelegraph

Similar Posts