Casa > cibernético Notícias > Google’s DoubleClick Network Abused to Spread Cryptocurrency Miners

Rede de DoubleClick, do Google abusado para espalhar Miners criptomoeda

Especialistas em segurança descobriram que a rede DoubleClick, do Google está sendo usado por criminosos para mineiros criptomoeda entrega de malware. This is the company’s subsidiary that provides Internet ad services and is used by the largest agencies and publishers to deliver targeted content to the selected audience.

Google’s DoubeClick Network Delivers Cryptocurrency Miners

Computer security researchers uncovered that criminal users are actively abusing Google’s DoubleClick Network. This is the premier ad platform offered by the service which is used by high-end marketers and publishers. The warning signs came after a detailed analysis of the performance metrics of current campaigns. The specialists reported that there is a sharp increase in the number of mineiros criptomoeda, especially the ones descendant from the CoinHive family. A major incident was observed on January 24 when a 285% increase was noted in comparison to a prior week.

Two different web miner malware were observed during the investigation. They are embedded in hacker-crafted pages that show ads that are being pulled from Google’s DoubleClick network. This means that the victims are fed live and legitimate ads while at the same time the miners are running. The experts propose that the campaign is intentional, because the attack allows legitimate sites to receive the malware ads. Such actions are attributed to a planned large-scale attack against the potential victims.

Further Details About the DoubeClick Network and Cryptocurrency Miners Campaign

An analysis of the threat shows that the embedded JavaScript code follows a preset behavior pattern. Once the malware scripts are delivered to the legitimate site as ads. The actual malware processing is quite interesting as the ad engine generates a random number between 1 e 101. If the number is equal to 10 or above the script launches the coinhive instance. It then automatically starts the processor-intensive operations which are programmed to take 80% of the processing power (utilização do CPU). As a result income is being generated for the hacker operators. This type of infections have been found to impact popular sites such as Youtube em si. Another dangerous threat to the victims is the fact that some of the ads redirect the victims to scam sites and malware.

As such the miners infections can lead to several types of campaigns:

  • Malware Infecções — The sites can deliver additional threats directly. Examples include Trojans and ransomware.
  • Social Engineering Tricks — The criminals can create pages that impersonate well-known services. Such portals are meant to steal the account credentials of the victims. Using the acquired data the hackers can perform roubo de identidade e abuso financeiro crimes.
  • Browser Hijacker Installation — Such redirects are among the main distribution methods employed by browser hijackers. They represent malware browser plugins that infect the most popular web applications (Safári, Mozilla Firefox, Google Chrome, Microsoft borda, Opera e Internet Explorer). The initial behavior tactics include settings modification and tracking cookies institution. Using such methods the hackers can acquire sensitive information about the victims which can then be sold to marketing agencies for profit.
Story relacionado: Como remover Coinhive Monero Miner Trojan de seu PC

Cryptocurrency Miners Are Becoming the Preferred Hacker Tools

Malware experts note that the number cryptocurrency miner campaigns are steadily increasing as the hackers interest in these weapons increases. We have made a thorough analysis of the marketplace entries and every month the number of advanced miners sold increase at a fast pace. The worrying fact is not the quantity, but also the quality of the malware code.

It is possible to link this attack with the recent discovery of a vast number of malware Android apps. We speculate that hackers worldwide might have teamed in order to deliver an advanced worldwide campaign. Due to the extent and impact of the malware we recommend that all computer users scan for existing infections. The quality anti-spyware solution can also protect everyone from incoming attacks.


Remoção de Malware Ferramenta

digitalizador Spy Hunter só irá detectar a ameaça. Se você quiser a ameaça de ser removido automaticamente, você precisa comprar a versão completa da ferramenta anti-malware.Saiba Mais Sobre SpyHunter Anti-Malware Ferramenta / Como desinstalar o SpyHunter


Martin Beltov

Martin formou-se na publicação da Universidade de Sofia. Como a segurança cibernética entusiasta ele gosta de escrever sobre as ameaças mais recentes e mecanismos de invasão.

mais Posts

Me siga:

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Compartilhar no Twitter chilrear
Compartilhar no Google Plus Compartilhar
Partilhar no Linkedin Compartilhar
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Partilhar no StumbleUpon Compartilhar