YouTube Is Serving Covert Cryptocurrency Mining Ads

YouTube Is Serving Covert Cryptocurrency Mining Ads

Stealth cryptocurrency mining in one’s browser, without the user’s permission, is one of our least-favorite trends of the past six months. While there were always questions about whether cryptocurrency mining in-browser could serve as an alternate revenue stream for websites, there was at least an idea that some kind of alternate funding system might emerge — hopefully putting an end to the eternal cycle of invasive ads driving users to deploy ad blockers, which then drives websites to adopt more invasive ads.

But instead of an informed approach in which end users consented to such mining, we’ve seen stealth operations popping up everywhere that steal CPU cycles from users, particularly if more than one crypto mining malware is running simultaneously. While most of these plugins are written to only put a light load on user’s CPUs, that’s only if the miner is running in a single browser instance, and only if it’s running on a single site. Our tests back in 2017 showed that using different browsers can defeat this dubious attempt to sandbox the performance impact. And, of course, even running one site will still drain battery life more quickly than having the CPU properly idled.

It’s like someone figured out how to monetize the awful Flash ads everyone used to hate for eating CPU cycles. A true win-win! And now it’s even hitting YouTube.

TrendMicro has released an updated report, showing a sharp rise in ads served by Google’s DoubleClick service being infested with mining software.

YouTube Is Serving Covert Cryptocurrency Mining Ads

Like other attacks, this one uses a Javascript miner to mine Monero via Coinhive. Here’s how TrendMicro describes it:

The advertisement has a JavaScript code that generates a random number between variables 1 and 101. When it generates a variable above 10, it will call out coinhive.min.js to mine 80% of the CPU power, which is what happens nine out of ten times. For the other 10%, a private web miner will be launched. The two web miners were configured with throttle 0.2, which means the miners will use 80% of the CPU’s resources for mining.

Earlier miners, just a few months ago, were sticking to much lower figures as part of a big to stay hidden. We were concerned at the time that this could escalate, and it looks as if it is. As more illicit services slug it out to steal this kind of processing time, your CPU’s processing time is going to be a casualty.

If you feel like your system is running louder for no reason, don’t be afraid to pop open Task Manager and look for proof. CPU utilization will be much higher if you’ve got a cryptocurrency miner stealing cycles.

Continue reading

Review: DJI’s New Mini 2 May Be the Perfect Travel Drone
Review: DJI’s New Mini 2 May Be the Perfect Travel Drone

If you love traveling with your drone but hate lugging around a lot of gear, DJI's Mini 2 may be the perfect solution.

Space Mining Gets 400 Percent Boost From Bacteria, ISS Experiments Show
Space Mining Gets 400 Percent Boost From Bacteria, ISS Experiments Show

We'll need lots of raw materials to sustain human endeavors on other planets, and a new project on the International Space Station demonstrates how we can make space mining over 400 percent more efficient.

Earth’s ‘Minimoon’ Is About to Leave Us Forever
Earth’s ‘Minimoon’ Is About to Leave Us Forever

According to astronomers, Earth's latest artificial satellite is about to become a former satellite as it prepares to zip off into the inky blackness of space.

Apple: Mac Mini M1 Uses One-Third the Electricity of Intel CPU
Apple: Mac Mini M1 Uses One-Third the Electricity of Intel CPU

Apple has posted the official figures for power consumption on the M1 Mac mini. The new system draws less than a third the power of an equivalent Intel system.