Skip to content

Cryptojackers use YouTube Ads to Mine Digital Currencies

10 Things to Consider Before Buying Bitcoin or Other Cryptocurrencies

Cryptojackers recently hijacked YouTube advertisements and harnessed the computer processing power of YouTube viewers to mine digital currencies.

According to the Telegraph UK, a Google spokesperson stated that “mining cryptocurrency through ads is a relatively new form of abuse that violates our policies and one that we’ve been monitoring actively.” The issue was reported by online technology publication Ars Technica after people took to social media to report that their antivirus programs detected digital currency malware on YouTube.

Unfortunately, YouTube’s malware was not an isolated incident. AdGuard’s research demonstrated that, in the top 3 million websites, 2,500 are running a cryptojacking software consuming visitors’ processing power without their knowledge or consent.

Cryptojackers on the rise

Cryptojacking has become increasingly popular over the years.

“YouTube was likely targeted because users are typically on the site for an extended period,” said independent security researcher Troy Mursch. “[YouTube] is a prime target for cryptojacking because the longer the users are mining for cryptocurrency, the more money is made.”

YouTube’s digital currency malware incident is only one example. Many websites contain the malicious Javascript code. WIRED has reported that people have even manipulated the internet connection at a Buenos Aires Starbucks to mine Monero from anyone who connected to the network.

The next stage of cryptojacking

When Coinhive offered its Javascript code as an alternative to advertising in September 2017, cryptojacking quickly gained traction.

Although cryptojacking does not cause significant short-term problems, elevated processing demands can cause real damage over time. One Android malware called Loapi mines digital currencies so intensely that it causes harm to the computer it runs on.

Unfortunately, most victims are not aware of cryptojacking. The process is often done secretly without users knowing or given the opportunity to opt out.

Since cryptojacking is relatively new, hackers can quickly iterate and innovate. Even though cryptojacking doesn’t require a download, hackers have devised an approach where cryptojacking can continue after users close the mining tab.

Although a YouTube spokesperson mentioned to Gizmodo that “the ads [containing malicious Javascript code] were blocked in less than two hours and malicious actors were quickly removed,” cybersecurity firm Trend Micro saw otherwise. The same javascript code used to mine digital currencies were running for as long as a week.  

With firms like YouTube and Google vulnerable to cryptojackers piggybacking their software, it has become a real problem. Lotem Finkelstein, a threat intelligence team leader at Check Point, who spoke to the MIT technology review, agrees and believes that “[cryptojacking] may be…a more serious issue than Ransomware.”

This article has been updated to indicate that “cryptojacking” and “cryptojackers” are single words.


Buy Bitcoin, Ethereum, XRP, and other cryptocurrencies on Coinsquare.

Buy Digital Currencies on Coinsquare

Buy Bitcoin & more on Canada's most secure digital currency platform.
Get Started
New to digital currency? Learn More here


Get the latest blockchain and digital currency news from Canada and around the world, delivered each week to your inbox.

Your Email address

Newsletter Subscription

If you want to subscribe to our monthly newsletter, please submit the form below.