[coolio2657]

>Both scripts are programmed to consume 80 percent of a visitor's CPU, leaving just barely enough resources for it to function.

How on Earth do ads not undergo the most basic "does it eat up 80 PERCENT OF A USER'S CPU" tests before they're allowed on one's network?

There is no amazing hacking going on here besides a lack of security control, but there is a substantially larger story hiding here somewhere.

[0x0]

At the very least I'm sure the script checks a few simple conditions before unleashing the miner, such as current date, ip, language prefs, possibly a "go/no-go" boolean hosted on some random webserver, to evade any pre-screening before being accepted into the ad rotation.

[monocasa]

I've heard of something similar whee drivers (partiularly graphics) trying to get WHQL cert will check for a special registry entry, and only if its present will do the ridiculous unsafe things like directly patching the IDT to get the performance they want, but will play nice otherwise so they pass cert.

[Analemma_]

Because then the ads would just do what viruses do and check if they’re in a prerelease testing environment before doing the evil thing. There’s no way to stop this completely without human examination of the ads, and at the kind of scale that Google and the other ad networks operate at, manual human examination of everything is not possible.

[bitwize]

The ad authors will just Volkswagen that shit and code their JS to pass Google's acceptance tests when it's being tested, and do whatever otherwise.