Security: A campaign of booby-trapped advertising is currently running in Europe, particularly in France. This encrypting can exploit up to 80% of the CPU of the victim machine.
Watch out for ads that you click on YouTube. The security editor Trend Micro alert on an ongoing campaign combining pups traps and crypto jacking. The explanation, the noisy machine is then used to undermine cryptocurrency by diverting the processor from the PC without the knowledge of the user. Up to 80% of the CPU resources are then directed to this mining.
The authors of this campaign allegedly bypassed DoubleClick, Google’s advertising platform, particularly in Europe and France. They would use the Coin Hive mining service, which allows its customers to integrate it into their website in order to exploit the resources of visitors’ PCs. The exploit here was to have the same approach but by inserting it into Google’s advertising tools used on YouTube.
Google points out that it is aware of the operation and claims that these ads were deactivated in less than two hours. But this case once again reminds us of the threats associated with crypto jacking.
Virtual currencies, such as bitcoin, are bought and sold. But they are also created. In order to do this, users of these services must devote a significant and increasingly important part of their computer resources (the computing power of their CPU) to the creation of monetary units. The consecrated term is mining.
Well, rather than doing it yourself, why not do it to others? The site or advertising via malware places code on your machine. This code mobilizes part of the computer power of your machine to mine cryptographic currency. And the trick is done.
While Coin Hive is a well-known supplier, the AdGuard report states that three new players are now present: JSECoin, Crypto Loot, and mine traffic. 500 million people may have been exposed to these tools, says the report. An increasing figure.