As he notes, this is already happening; among other things, there's cryptocurrency malware that hijacks your browser to do mining.
So that's what Dorsey did -- very successfully. Within about three hours, his code (experimental, not malicious, apart from surreptitiously chewing up processing resources) was running on 117,852 web browsers, on 30,234 unique IP addresses. Adtech, it turns out, is a superb vector for injecting malware around the planet.
Some other fun details: Dorsey found that when people loaded his ad, they left the tab open an average of 15 minutes. That gave him huge amounts of compute time -- 327 full days, in fact, for about $15 in ad purchase. To see what such a botnet could do, he created one to run a denial-of-service attack (against his own site, just to see if it worked: It did pretty well). He got another to mine the cryptocurrency Monero, at rates that will be profitable if Monero goes much higher. Read the rest