Is your PC suddenly slowing down? Are you getting the spinning wheel on YouTube more than usual?

Hackers have been targeting the Google ad network to embed code into YouTube ads which then secretly syphons power from a users pc to mine cryptocurrencies.

The issue was discovered on Wednesday, and reported by security firm Trend Micro, who found that hackers seeded the advertisements with web scripts that ran over browsers to mine the digital currency Monero. Users were affected in Spain, France Japan, Taiwan and Italy. When activated, the script could suck up to 80% of a pc’s juice;

“The advertisement has a JavaScript code that generates a random number between variables 1 and 101. When it generates a variable above 10, it will call out coinhive.min.js to mine 80% of the CPU power, which is what happens nine out of ten times. For the other 10%, a private web miner will be launched. The two web miners were configured with throttle 0.2, which means the miners will use 80% of the CPU’s resources for mining.”

Google announced that they had removed the offending scripts from their services within two hours of them being discovered.

Hackminers (there’s a new twitter hashtag for you 😉 use of the Coinhive produced, Javascript Monero miner, has been on the increase, with websites and even Chrome extensions being targeted. Online security and anti-virus firms are starting to increase their watch on such scripts and they say they are becoming some of the most invasive malware in operation.

This is yet another part of the dark underbelly of the cryptocurrency world, and one that’s likely to get worse before it gets better, and one that online security seem to be well behind the curve  in dealing with.

That should give us all something to think about over the weekend, and here’s a YouTube tune to listen to while you do 😉


Ryan Littlestone

Pin It on Pinterest