search
top
Currently Browsing: Malware

Vulnerable JavaScript Illegally Mining User Machines

Vulnerable JavaScript Illegally Mining User Machines

So a few days ago, I was browsing Cnet.com to view some on-line tools. I noticed an odd alert triggered by my Anti-Virus scanner. My scanner detected it as HKTL_COINMINE with my URL Filtering option enabled on my scanner. I decided to investigate it further to see what this was all about. What I slowly started to uncover was that something was using my machine to mine. This at first didn’t make sense, as no new applications or files were downloaded.

Then, I noticed an increase in CPU, and I have a normal baseline where my CPU levels normally reside at for the most part. After looking into some network connections I realized there was a connection made out to a server in Ukraine. And, that isn’t typical behavior of my network to be connecting to a machine in Ukraine. The realization after some further investigation that it was the CNET JavaScript file that had been compromised externally on another server . And, this led me to my next blog post!

How Do They Exploit JavaScript?

(more…)

top