As Ars Technica reports, YouTube has been spotted pushing ads onto users.
That, in itself, isn’t newsworthy of course. But these ads are surreptitiously stealing resources from visiting computers to mine for cryptocurrencies:
On Friday, researchers with antivirus provider Trend Micro said the ads helped drive a more than three-fold spike in Web miner detections. They said the attackers behind the ads were abusing Google’s DoubleClick ad platform to display them to YouTube visitors in select countries, including Japan, France, Taiwan, Italy, and Spain.
You should run an ad blocker when you surf the web.
Not just because ads are invariably ugly and ruin the user experience. Not just because you don’t want ads tracking your online behaviour. Not just because ads slow down your online experience and gobble up your bandwidth. Not just because ads can infect your computer with malware, or be secretly sapping your computer resources by mining for cryptocurrencies in the background.
But because even Google, one of the world’s largest advertising companies (with its own considerable security prowess), seems to be incapable of guaranteeing a stream of safe ads. What hope for the other advertising networks if Google can’t get it right?
In a statement, Google said it took action against the offending ads when it became aware of them:
“Mining cryptocurrency through ads is a relatively new form of abuse that violates our policies and one that we’ve been monitoring actively. We enforce our policies through a multi-layered detection system across our platforms which we update as new threats emerge. In this case, the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms.”
It’s a shame, of course, for those websites which depend on advertising as a revenue stream. But we have to face facts. Ads can’t be trusted. Run an ad blocker.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.
10 comments on “Stop dilly-dallying. Block all ads on YouTube”
do you have a recommend ad blocker? Can I trust the ad blocker? Why?
Nano Adblocker + Nano Defender + Pop up blocker for Chrome
and say good buy to ADS
I recommend using a dedicated extension to block cryptojacking, such as minerBlock.
You can trust it because I've covered this topic extensively for the last four months and personally shared my feedback with the developer of minerBlock. However, it's wise to be wary as some browser extensions you'd think are helpful are actually malicious, as we've seen in a few recent examples.
Word for word, it is exactly what I'm thinking, what I recommand around me, and what I'm doing for years now, I just don't like ads since it became a serious invasive issue,and moreover, when it became security issue.
To share my "experience". most of the time ads ruined my "experience", and I can't say how much I hate this word, since overused by GAFA's. No, they won't "enhance my experience", they can't do that because for years they managed to ruin it, that's why I use an adblocker, Ublock Origin to name it.. and oh boy! what a difference! thanks to Gorhill, this tool does what it is supposed to do.. to block ads and scripts, and btw it even prevents my browser from loading tons of useless stuff, making loading pages faster, and as UBO is very customizable, it is all I needed.
Of course, even if I tent to disable it for some websites I know and trust, now I'm a bit concerned .. as Graham wrote in the article, if it happened to Google, what about websites I "trust"? should I?..probbaly not anymore I guess? unfortunately as I don't have any way to know, I feel forced to enable my AB by default no matter which website I visit.. if a content is not available because of that, no problem, I'll find another way.
"Run an ad blocker" is the best advice so far..
Perhaps web sites will have to figure out how to host the ads on their own site and accept full responsibility for problems. Since it would affect their reputation, they would be careful. The advertisers will have to learn to accept the hit counts from the sites.
Whilst I agree with what you are saying in principle it is not that simple in practice, unfortunately.
The vast majority of websites relies on google API's, fonts, etc which are all problematic with regards to privacy. On top of that imagine what happens if one of the popular CDN's gets hacked and starts dishing out malware (Amazonaws, Akamai, Cloudfront, etc…)
I run an ad blocker
The fact is that Google could stop this, they have the technology but they (and Facebook) have no incentive to do so – see – https://wp.me/p7MvnT-cO
I've used an ad blocker on YouTube for a long time and try to never watch videos on mobile as there I'm unsure of if an ad blocker would work. I may feel bad that the content creators aren't getting their money but I've heard of how iffy the ads are and the latest place where mining happens being in these ads…no, I only will mine Monero for myself.
Great work>>>>>>as always Graham. Regards.