{"id":395815,"date":"2018-01-28T06:00:18","date_gmt":"2018-01-28T06:00:18","guid":{"rendered":"http:\/\/citifmonline.com\/?p=395815"},"modified":"2018-01-27T18:20:59","modified_gmt":"2018-01-27T18:20:59","slug":"youtube-ads-latest-ground-zero-nefarious-crypto-mining","status":"publish","type":"post","link":"https:\/\/citifmonline.com\/?p=395815","title":{"rendered":"YouTube ads are the latest ground zero for nefarious crypto mining"},"content":{"rendered":"<p>YouTube is turning passive viewers into cryptocurrency miners, and Google isn&#8217;t happy.<\/p>\n<p>The issue became apparent earlier in the week as complaints surfaced on social media claiming that YouTube ads were raising red flags in anti-virus software. A service called Coinhive was hijacking a viewer&#8217;s CPU and using its power to mine crypto.<\/p>\n<div class=\"see-also\">\n<div class=\"inline-ad-seealso\">A\u00a0Friday blog post\u00a0from Trend Micro, an international cybersecurity company, confirmed the sharp uptick in Coinhive use earlier in the week, pinning it to a &#8220;malvertising campaign&#8221; that subverted a Google ad service used on YouTube.<\/div>\n<\/div>\n<p>&#8220;Attackers abused Google\u2019s DoubleClick, which develops and provides internet ad serving services, for traffic distribution,&#8221; the post notes. Trend Micro&#8217;s data pointed to Japan, France, Taiwan, Italy, and Spain as the countries affected by the campaign.<\/p>\n<p>In\u00a0a statement given to Ars Technica\u00a0on Friday, Google confirmed the cryptojacking threat, noting that &#8220;[i]n this case, the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms.&#8221;<\/p>\n<p>Google&#8217;s &#8220;blocked in less than two hours&#8221; timeline doesn&#8217;t add up, however. Trend Micro&#8217;s data suggests that &#8220;an increase in traffic to five malicious domains&#8221; from DoubleClick advertisements started on or sometime before Jan. 18. By Jan. 24, the company had detected &#8220;an almost 285% increase in the number of Coinhive miners.&#8221;<\/p>\n<p>Google didn&#8217;t respond to any follow-up questions regarding the timeline.<\/p>\n<p>Coinhive wasn&#8217;t always used for nefarious purposes. The script was created originally to let website owners harness the processing power of a visitor&#8217;s computer to mine Monero. So long as the site owner let people know about Coinhive up front and didn&#8217;t let the script monopolize processing power, it was a relatively ethical way for website operators to turn traffic into income.<\/p>\n<p>Then, in late December, users of a certain Chrome extension discovered that\u00a0it was also secretly running CoinHive. This incident quickly turned into one of the higher profile examples of a relatively new phenomenon in the malware world: &#8220;cryptojacking,&#8221; the practice of hijacking a PC user&#8217;s CPU to mine cryptocurrency.<\/p>\n<p>The spread of cryptojacking to YouTube is an alarming development. While it&#8217;s good that Google eventually shut the activity down, this is a new wrinkle in the cryptocurrency craze that internet gatekeepers will have to better protect against in the future.<\/p>\n<p>&#8211;<\/p>\n<p>Source: Mashable<\/p>\n","protected":false},"excerpt":{"rendered":"<p>YouTube is turning passive viewers into cryptocurrency miners, and Google isn&#8217;t happy. The issue became apparent earlier in the week as complaints surfaced on social media claiming that YouTube ads were raising red flags in anti-virus software. A service called Coinhive was hijacking a viewer&#8217;s CPU and using its power to mine crypto. A\u00a0Friday blog [&hellip;]<\/p>\n","protected":false},"author":14,"featured_media":395817,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jnews-multi-image_gallery":[],"jnews_single_post":[],"jnews_primary_category":[],"jnews_social_meta":[],"jnews_override_counter":[],"footnotes":""},"categories":[106],"tags":[],"class_list":["post-395815","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/posts\/395815","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=395815"}],"version-history":[{"count":0,"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/posts\/395815\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/media\/395817"}],"wp:attachment":[{"href":"https:\/\/citifmonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=395815"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=395815"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=395815"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}