Hackers managed to compromise Google's DoubleClick platform to serve ads with crypto-mining malware on YouTube
On January 26, experts have reported that anonymous hackers managed to abuse Google's DoubleClick advertising platform to deliver YouTube ads which stealthily mine cryptocurrency in the background. Users were complaining that their antivirus programs were blocking Youtube virus.
Google has reported that they have quickly resolved the problem and the accounts in DoubleClick and YouTubewhich are supposedly responsible for such actions were removed:
The ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms.
However, malware researchers say that the attackers have created malicious ads which were particularly targeting people from Spain, Taiwan, Japan, Italy, France and they are responsible for a 285% increase in crypto-mining malware detections worldwide.
The peculiarities of the cryptojacking attack
This is the main reason why security researcher, Troy Mursch, believes that attackers chose YouTube on purpose — people usually stay on the site for long periods of time:
YouTube was likely targeted because users are typically on the site for an extended period of time. This is a prime target for cryptojacking malware, because the longer the users are mining for cryptocurrency the more money is made.
Countermeasures every computer user should take
It is quite evident that using a professional security software today is a must. In this case, users were notified about the malicious script running in the background shortly after the antivirus detected it. Thus, the easiest way to protect your system from cryptojacking is employing a robust malware removal tool.