The Arrival of Cryptojacking in Google Ads, and What This Means for Users

Cryptojacking started off as something simple. When we first talked about it, it was only malicious webmasters and hackers getting onto the cryptojacking trend. When we last reported on its progress, it had begun to spread to Facebook, where people were sending malicious links via the Messenger feature. At the time we commented on whether or not cryptojacking would become a big part of the cybercriminal world. Unfortunately, it appears that cryptojacking is here to stay, with the newest line of attacks hitting a big target: Google Ads.

How It Spread to Ads

For the past few reports, cryptojacking has been somewhat easy to dodge. Simply stay away from shady sites and don’t accept files from shady Facebook contacts, and you’re all set. However, this recent attack on Google Ads itself poses a much larger problem. Criminals have tried slipping ads with the cryptojacking technology embedded within them into the Google Ads channel. Google Ads make up a large part of our daily online lives, meaning this attack affects a lot of people. In fact, users have already seen ramifications on a top distributor of Google Ads – YouTube.


Recently, users watching YouTube videos have been reporting that the site slows down their computers.┬áThe videos also set off virus protection services that claimed that a cryptojacking attack by “CoinHive” was underway. There’s a good reason for this: with YouTube under Google’s domain, the adverts shown before the videos played were serviced by Google Ads. When Google Ads had cryptojacking scripts slid under it, innocent YouTube viewers were witnessing their devices being used as mining rigs for a stranger!

Why Is This Happening?

At the time of writing, the tech world is currently experiencing a gold rush for cryptocurrencies. It’s so bad, even graphics card prices are being driven up as people are buying them en-masse to fit out their mining rigs. Of course, while there are those who earn their coins via respectable methods, there will always be those who try to earn money through illegitimate means!


As long as cryptocurrency is still a major player within the tech world, cryptojacking will be around. It also goes somewhat hand-in-hand with ransomware, another type of malware that saw a spike in activity within late 2017 to early 2018. With hackers diverting their attention away from simply doing damage and into making money off of their victims, cybercrime has become more profitable than ever.

How to Avoid These Attacks


As security companies figure out how people are slipping cryptojacking attacks into Google Ads, hopefully the amount of attacks made on users will be reduced to a more manageable level. For the time being, if you’re worried about your computer coming under attack from a malicious ad, it’s best to ensure your antivirus is up to date and install an ad blocker on your browser. Try to turn it off if you know the site doesn’t use Google Ads. If it does, keep it on while this new attack vector blows over.

Abominable Ads

Once a novel method of attack, cryptojacking has proven that it is now here to stay. With its latest strike on Google Ads, it’s becoming harder to keep yourself safe from a cryptojacking attack. Now you know of cryptojacking’s newest attack vector and how to avoid it.

With companies always telling users to disable ad-blockers, how does the fact that ads are now being used as attack vectors make you feel? Let us know below.

Simon Batt
Simon Batt

Simon Batt is a Computer Science graduate with a passion for cybersecurity.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox