Cookie Consent Script Drops In-Browser Cryptocurrency Miner

Discussion in '0-day Release' started by silversurfer, Nov 14, 2017 at 8:07 PM.

  1. silversurfer

    silversurfer Malware Tester Silver Member

    A free-to-use script that helps website owners show EU cookie consent popups is dropping an in-browser cryptocurrency miner on websites that use it.

    The hidden miner came to light today when Dutch security researcher Willem de Groot discovered it on the website of Albert Heijn, the biggest supermarket chain in the Netherlands.

    At a closer look at the site's JavaScript files, de Groot tracked the infection to a file named "cookiescript.min.js," loaded from cookiescript.info. This domain is registered to the Cookie Consent service, a website that allows site owners to quickly put together a cookie consent popup that adheres to the EU's annoying cookie law.

    The Cookie Consent service generates a block of code that webmasters must embed in their sites.

    One of the cookie consent JavaScript files loaded through this service contained a copy of Crypto-Loot, an in-browser Monero miner.

    Source: https://www.bleepingcomputer.com/ne...script-drops-in-browser-cryptocurrency-miner/
     
    RGiskardR and daljeet like this.
  2. Google Adsense

Share This Page