Ad giant has malware detection in its script-hosting service... but Coin Hive isn't flagged
22nd November 2017 By Thomas Claburn
Crypto-jackers using Coin Hive code to secretly mine Monero via computing power supplied by the unsuspecting have found Google Tag Manager to be a convenient means of distribution.
Security researcher Troy Mursch told The Register that he recently found Coin Hive's free-to-use JavaScript running on the Globovisión website – Globovisión being a 24-hour telly station for Venezuela and Latin America.
The code was invisibly spawned, he said, "from the embedded Google Tag Manager script gtm.js?id=GTM-KCDXG2D," which invoked cryptonight.wasm, a Web Assembly form of Coin Hive's JavaScript mining code.
Full Article.