DoubleClick YouTube ad system hacked for cryptocurrency mining

youtube ad system

A number of users spotted display ads that were secretly using the opportunity for crypto mining.

Twitter recently lit up with tweets about cryptocurrency miners abusing the YouTube ad system. Video viewers recognized that the display ads they were viewing were secretly taking advantage of the user’s CPU in order to power their mining efforts.

The tweets started as only a handful of people said their antivirus programs notified them of the behavior.

That said, the numbers rapidly exploded as people received notifications that cryptocurrency mining was detected from the video. At first, many of the viewers thought it might have been a problem with their browsers. However, when some of the affected users attempted to change web browsers to view the videos and the problem persisted, it became clear that the issue was within the YouTube ad system itself.

Researchers examined the YouTube ad system hacking suspicion and soon found it was considerable.

On Friday, Web miner detections rose sharply as a result of the YouTube ads. This heavily suggested a hack right into Google’s DoubleClick advertising system. As it turns out, there were anonymous attackers who had broken into the ad system and buried their mining code inside the YouTube display ads for several countries. These included: France, Spain, Italy, Taiwan and Japan.

The hacked YouTube display ads were the type that used JavaScript. They were used for mining Monero, a type of cryptocurrency. Among the affected advertisement, about ninety percent used Coinhive public Javascript code.

Coinhive is a cryptocurrency mining service that allows subscribers to take advantage of the power of a video viewer’s computer. One in ten times the ad is displayed, the private mining JavaScript code is employed to help dodge Coinhive’s own profits while cyber attackers use their system.

Both Monero and Coinhive’s JavaScript eat up a tremendous 80 percent of the user’s CPU power, which strangles the device from being able to do anything else the user might want it ad system

According to Google, the YouTube ad system hack has been controlled and the attacks have been stopped. YouTube is a desirable target for attackers because of the amount of time users spend watching the videos. The longer the time a user accesses a video, the more money a dubious cryptocurrency miner can make.


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.