Hackers are now injecting cryptocurrency mining scripts into web advertising platforms to make a quick buck, security researchers have found.
Trend Micro wrote in a blog post Wednesday that its researchers tracked web miner traffic linked to MSN.com, a popular ad-supported home page, which was displaying an ad that was using a computer's processor to silently mine cryptocurrency in the background.
Hackers had injected the widely-used Coinhive code into an ad supplied by the AOL advertising network. Trend Micro alerted AOL to the bad ad, which -- two days later -- was pulled offline.
The researchers didn't say how many visitors were exposed to the cryptocurrency mining ad. The page is the landing page for millions, and typically home by default to Internet Explorer users.
It's the latest twist in how hackers are using distributed mining methods to make money.
Generating bitcoin or other cryptocurrency requires a specialized setup and high-end computer power to mine new coins. But because most home computer rigs aren't best equipped for mining cryptocurrency on a large scale, hackers are now turning to infecting large-scale distributed platforms -- like apps, websites, and now ad networks, which display ads on millions of computers each day. That puts the processing power (and additional electricity resources) on individual computers -- albeit without the user's consent.
It's not the first time an ad network has been targeted by hackers to inject cryptocurrency mining code into their ads.
In January, Trend Micro found that Google's DoubleClick ad network was also serving Coinhive mining code on high-traffic sites. Over a week long period, the researchers found a near three-fold increase in the number of Coinhive miners across the web, ready to take advantage of individuals' spare computer power.
A similar cryptocurrency mining scheme for a time relied on YouTube ads to drain the processing power of individuals' computers.
As ads become more intrusive and websites act more aggressively in their money-making tactics, some news sites are actively embracing cryptocurrency mining code instead of serving traditional display ads.
It's a controversial technique, but not inherently illegal.
Salon became the first mainstream publication to ask users to consent to running the mining code on their computers while they read, instead of displaying ads.
But not everyone is happy about the prospect of paying for content with their electricity bills, either. There are several Coinhive and other cryptocurrency mining script blockers that hook into your browser to prevent these scripts from running.
Researchers at Chinese cybersecurity firm Netlab 360 revealed recently that an unnamed ad network figured out a way to bypass those script blockers altogether -- in part by rotating through seemingly randomly generated domain names.