Per the cybersecurity firm, affected countries include Japan, France, Taiwan, Italy, and Spain. The problem was detected as Trend Micro noticed a 285% rise in the number of Coinhive miners, affecting five different domains. Upon close examination, researchers found the traffic was coming from DoubleClick’s advertisements.
Affected web pages would show the advertisement as usual, but the embedded Monero miners would run in the background. TrendMicro suspects the attackers used these ads in order to affect a large number of users, instead of just using compromised machines. DoubleClick was exploited from January 18, to January 24. Then, cryptocurrency mining-related traffic started to decline.
The firm’s report notes that the private miner was used to bypass fees. Coinhive charges a 30% fee when its miner is used. The report reads:
Monero mining attacks can be avoided
It looks like no platform is safe from the ongoing cryptojacking trend. As reported by Core Media, even YouTube saw its ads run cryptocurrency mining code at one point. Facebook messenger was previously infected with a mining botnet that affected its users.
This doesn’t mean users can’t defend themselves. Most anti-malware programs already block cryptocurrency-mining scripts. Browsers like Opera and Brave have built-in tools that prevent code from using your CPU to mine Monero.