View Markets Data →

Google’s DoubleClick ads inadvertently spread crypto mining malware through Europe, Asia

Security firm TrendMicro has revealed that hackers have leveraged Google’s DoubleClick ad services to distribute cryptocurrency mining malware to users around the world.

Thousands of internet browsers throughout Europe and Asia have inadvertently fallen prey to cryptocurrency mining malware, as a new report from security firm TrendMicro has shown that hackers have leveraged vulnerabilities in Google’s DoubleClick ad platform to mine Monero.

In a new report, the company outlines how hackers have leveraged CoinHive – a JavaScript program which, when hidden on a website, can use a computer’s processing power to mine Monero – was distributed through DoubleClick.

Read: Hacker escapes justice with over $400K USD in BlackWallet theft

CoinHive operates without the consent of a user, leaving thousands of users oblivious to the fact that they were lending portions of their CPU to assist with the hackers’ mining operations. Those who became aware of the fact might have noticed performance degradation in their device of choice.

ArsTechnica noted that the malware was further distributed through YouTube, wherein Google deploys ads hosted through DoubleClick.

TrendMicro elaborated on the hackers’ use of malware, describing that:

“The affected webpage will show the legitimate advertisement while the two web miners covertly perform their task. We speculate that the attackers’ use of these advertisements on legitimate websites is a ploy to target a larger number of users, in comparison to only that of compromised devices.”

The firm confirmed, however, that in the wake of Google’s discovery that DoubleClick was being leveraged to proliferate malware, that traffic involving the use cryptocurrency miners had since decreased after January 24.

Moves to disrupt non-consensual mining

Opera recently announced that it has moved to add cryptocurrency mining protection as a standard feature across all its mobile browsing platforms.

The firm’s new anti-cryptocurrency mining feature will now be activated by default on both Opera Mini and Opera for Android, giving its users some piece of mind while browsing the web.

It remains to be seen what move Google may take to refine DoubleClick in the wake of its malware delivery.

Malware that propagates non-consensual cryptocurrency mining is estimated to affect over one billion users around the world, while some three million websites are further predicted to have been exposed to ‘cryptojacking’-scripts.

Read: Cryptocurrency investor loses over $34,000 in theft through a second-hand hardware wallet

Have your say!

How could websites safeguard their users against non-consensual cryptocurrency mining? Be sure to let us know your opinion on Twitter: @coininsidercom!

Follow Bryan Smith on Twitter: @bryansmithSA