Malicious Ads On YouTube Were Used To Mine Cryptocurrency: Even Google Failed To Notice

After having bad ads and bad content, YouTube is having another issue: ads with CPU-draining cryptocurrency miners.

As cryptocurrencies are getting a lot of attention, mainly since Bitcoin has reached one milestone price after another, people everywhere have a heightened awareness of the volatile digital currencies. After some streaming websites were caught using their viewers' CPUs to mine cryptocurrency, YouTube was also caught showing ads with hidden miners in them.

But in YouTube's case, as discovered by antivirus provider Trend Micro, it was the advertisers that apparently used Google’s DoubleClick ad network to display malicious ads to YouTube users in selected countries globally, including Japan, France, Taiwan, Italy, and Spain.

The findings were then made apparent when people took the matter to social media, saying that their antivirus software was flagging YouTube as a problem.

The ads were designed to consume 80 percent of the victim's CPU time, using scripts from Coinhive, a popular service for mining the Monero cryptocurrency.

Mining cryptocurrencies involves a process that is very resource-intensive.

YouTube is certainly an ideal platform for cryptojacking for an obvious reason: it's one of the most popular streaming websites on the internet, and viewers typically spend more time on its pages on average than on most other websites. The more time the miner ad is shown, the more cryptocurrency it can mine using a user's CPU.

In some cases, the ad blocks were completely blank, but in others, they added insult to injury by showing advertisements for fake antivirus programs. An example can be seen below:

According to Google:

"Mining cryptocurrency through ads is a relatively new form of abuse that violates our policies and one that we’ve been monitoring actively. We enforce our policies through a multi-layered detection system across our platforms, which we update as new threats emerge. In this case, the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms."

While the representative claims the issue was handled in “less than two hours,” reports have shown that the ads had run on YouTube for roughly one week before being removed.

As the problem of web-based cryptomining has surged to almost epidemic proportions, a variety of antivirus programs, as well as browsers like Opera, have started warning users of cryptocurrency-mining scripts hosted on websites and giving users the option of blocking their activity.

In YouTube's case, the ads only harvested users' CPU power and didn't harm users' computers or steal data. There's no indication that they installed ransomware or other types of malware, as long as people didn't click on malicious downloads. And Coinhive here is one example of the unbelievable craving for cryptocurrency, with users willing to abuse other people's systems just to reap profits.


Published: 30/01/2018