Google DoubleClick was attacked by cryptocurrency miners who targeted YouTube ads in order to use the CPU power of viewers.
The hackers’ are thought to have taken advantage of the longer average time spent on a YouTube page versus another website, receiving new cryptocurrencies when validating transactions on public ledgers in the blockchain platform.
A Google spokesperson told Marketing: “We enforce our policies through a multi-layered detection system across our platforms which we update as new threats emerge. In this case, the ads were blocked in less that two hours and the malicious actors were quickly removed from our platforms.”
The operation looked much like a malware attack, and were thus detected by various antivirus software on the victims’ computers. It was first noticed by security company Trend Micro, who saw that coinhive web miner detections had increased by 285 per cent on January 24.
In a blog post, the firm said: “An analysis of the malvertisement-riddled pages revealed two different web miner scripts embedded and a script that displays the advertisement from DoubleClick. The affected webpage will show the legitimate advertisement while the two web miners covertly perform their task. We speculate that the attackers’ use of these advertisements on legitimate websites is a ploy to target a larger number of users, in comparison to only that of compromised devices”.