Attackers abused Google’s DoubleClick, which develops and provides internet ad serving services, for traffic distribution
Recently in January, YouTube was caught displaying ads with CPU-draining cryptocurrency miners.
Now cryptominers have come up with a new scheme: Instead of embedding mining scripts in the code of a website, someone clever decided to embed them in YouTube advertisements and therefore spread them across multiple pages and videos without the attackers having to do anything.
Hey @avast_antivirus seems that you are blocking crypto miners (#coinhive) in @YouTube #ads— Diego Betto (@diegobetto) January 25, 2018
Thank you :)https://t.co/p2JjwnQyxz
Oh! So, I need to set the :\\flags for "allow-same-origin" right?🤔 pic.twitter.com/8KB17hG6aH— Heidi Elyas (@HeidiElyas) January 28, 2018