Skip to main content

Is your browser mining bitcoin? ‘Malvertisements’ are hijacking Google Ads

As if invasive ads weren’t bad enough, Trend Micro uncovered a particularly sinister batch of ‘malvertisements’ that aim to exploit Google’s DoubleClick ad service to serve you ads containing hidden cryptocurrency mining software.

“Attackers abused Google’s DoubleClick, which develops and provides internet ad serving services, for traffic distribution. Data from the Trend Micro Smart Protection Network shows affected countries include Japan, France, Taiwan, Italy, and Spain. We have already disclosed our findings to Google,” Trend Micro reports.

Recommended Videos

As malware goes, it’s actually pretty clever — if also sinister and awful. It operates two separate scripts, one a coinhive cryptocurrency miner, the other a private web miner. Which one it will use is determined by a random number generator. When either one kicks in, it would use 80 percent of the affected computer’s CPU resources for the purposes of mining cryptocurrency.

“The affected webpage will show the legitimate advertisement while the two web miners covertly perform their task. We speculate that the attackers’ use of these advertisements on legitimate websites is a ploy to target a larger number of users, in comparison to only that of compromised devices,” Trend Micro reports.

Trend Micro goes on to report that the number of incidents of these malvertisements has gone down since January 24, so we might be in the clear. Still, it might be a good idea to make sure your security apps are all up to date — and make sure your browser has its latest security patches. Chances are Google will get the exploit under control quickly, but there are some countermeasures you can implement in the meantime.

“Blocking JavaScript-based applications from running on browsers can prevent coinhive miners from using CPU resources. Regularly patching and updating software — especially web browsers –can mitigate the impact of cryptocurrency malware and other threats that exploit system vulnerabilities,” Trend Micro recommends.

All right, so how can you protect yourselves from this exploit while Google gets it sorted out? Turns out there are a couple things you can do. First, make sure your browser is up to date. You can do that by heading to your preferences and checking for updates in most modern browsers like Chrome and Firefox. Second, run an adblocker on any site that you feel a little uncomfortable about. Lastly, you can always disable JavaScript entirely, but doing so will break a lot of websites and it’s only a good idea if you’re very worried about your security.

Jaina Grey
Former Digital Trends Contributor
Jaina Grey is a Seattle-based journalist with over a decade of experience covering technology, coffee, gaming, and AI. Her…
Malware is spreading through Google Bard ads — here’s how to avoid them
A person holds a phone with the Google logo and word 'Bard' on the screen. In the background is a Google Bard logo.

As the public adjusts to trusting artificial intelligence, there also brews a perfect environment for hackers to trap internet users into downloading malware.

The latest target is the Google Bard chatbot, which is being used as a decoy for those online to unknowingly click ads that are infected with nefarious code. The ads are styled as if they are promoting Google Bard, making them seem safe. However, once clicked on, users will be directed to a malware-ridden webpage instead of an official Google page.

Read more
Google is creating ‘internet surveillance DRM,’ critics say
Google Drive in Chrome on a MacBook.

Google is working on a system to fight fraud and make the internet “more private and safe,” but it’s just come in for some blistering criticism from software engineers behind the Vivaldi web browser. According to them, it’s a “dangerous” idea that could lead to greater surveillance of ordinary people.

The subject of this kerfuffle is Google’s Web Environment Integrity project, or WEI. Its purpose, Google says, is to stymy bad actors by providing a piece of code on a website that can be checked with a trusted attestor (such as Google) to ensure the visitor is who they say they are. That could prevent cheating in games, for example, or ensure that ads are being properly served to readers.

Read more
Google just made this vital Gmail security tool completely free
The top corner of Gmail on a laptop screen.

Hackers are constantly trying to break into large websites to steal user databases, and it’s not entirely unlikely that your own login details have been leaked at some point in the past. In cases like that, upgrading your password is vital, but how can you do that if you don’t even know your data has been hacked?

Well, Google thinks it has the answer because it has just announced that it will roll out dark web monitoring reports to every Gmail user in the U.S. This handy feature was previously limited to paid Google One subscribers, but the company revealed at its Google I/O event that it will now be available to everyone, free of charge.

Read more