The number of Coinhive web miner detections has tripled as a result of aggressive "malvertising campaigns" being run over online advertising networks, according to security firm Trend Micro.
Researchers at the company recently found that cyber crooks are deploying advertisements on high-traffic websites that use Coinhive as well as separate web mining services that connect to private pools.
Attackers are also tapping into Google's DoubleClick advertising network, which dominates online advertising. Countries particularly affected include Japan, France, Taiwan, Italy, and Spain, Trend Micro claimed.
The firm said that it has disclosed its findings to Google. "We detected an almost 285 per cent increase in the number of Coinhive miners on 24 January. We started seeing an increase in traffic to five malicious domains on 18 January," it said.
"After closely examining the network traffic, we discovered that the traffic came from DoubleClick advertisements."
After analysing 'malvertisement'-riddled pages, the security specialists identified two different web miner scripts, as well as one that displays advertisements using DoubleClick.
The webpages deceive users by showing legitimate advertisements while "the two web miners covertly perform their tasks". They're unaware that this is happening.
Trend Micro explained: "We speculate that the attackers' use of these advertisements on legitimate websites is a ploy to target a larger number of users, in comparison to only that of compromised devices."
"The modified web miner will use a different mining pool at wss[:]//ws[.]l33tsite[.]info[:]8443. This is done to avoid Coinhive's 30% commission fee."
"Regularly patching and updating software - especially web browsers - can mitigate the impact of cryptocurrency malware and other threats that exploit system vulnerabilities."
And, yep, it'll run Android rather than RiscOS
US engineering giant's cost-cutting outsourcing plan is on the rocks, according to insiders
HP Envy X2 laptop only affordable if you've got loadsamoney
Counterfeit code-signing certificates enabling hackers to hide malware being sold by cyber criminals
Certificates can be used as part of layered obfuscation to evade detection by anti-virus software