Send News. Want a reply? Read this. More in the FAQ.   News Forum - All Forums - Mobile - PDA - RSS Headlines  RSS Headlines   Twitter  Twitter
Customize
User Settings
Styles:
LAN Parties
Upcoming one-time events:
Chicago, IL, USA, IL 01/27
Chicago, IL USA, IL 10/19

Regularly scheduled events

etc.

View
20 Replies. 1 pages. Viewing page 1.
< Newer [ 1 ] Older >

20. Re: etc. Nov 19, 2017, 20:10 Dacote
 
Mobile Malware Incidents Hit 100% of Businesses  
Reply Quote Edit Delete Report
 
19. Re: Crypto Miner Nov 18, 2017, 15:59 eRe4s3r
 
Dacote wrote on Nov 18, 2017, 11:27:
eRe4s3r wrote on Nov 17, 2017, 21:28:
Beamer wrote on Nov 17, 2017, 07:49:
eRe4s3r wrote on Nov 16, 2017, 16:16:
Beamer wrote on Nov 16, 2017, 16:14:
372% CPU.

;p

Add these 2 filters to your uBlock Origin or Adblock custom rule thing


https://crypto-loot.com
https://crypto-loot.com/lib/miner.min.js


You gotta block them as they come btw, wide range block would be defeated by other domain or script name....

With filter 27 load attempts for this miner are detected by uBlock Origin.. ;p

That was my work mac. I need to see ads at work, so no blocking.
At home, I already block all javascript.

At work you don't have a malware filterlist ? Sounds to me your company *wants* to be hacked
If Beamer works in advertising (or similar web based areas) he needs to be able to see ads.
Malware blocking is a totally different thing.

Nah, in uBlock Origin you can toggle which filter list you want, malware or ads, or both. Malware blocks most crypto miners that are inline js scripts. Custom filters can extend that.

So it isn't really a totally different thing Functionality wise you can even get away just with malwarebytes... though you don't have much control and a warning doesn't mean it was blocked.

I mean, unless his firewall runs a proper IT'd firewall with own filters... if he uses home hardware at work then I would never connect to a network without at the very least MSVP hostlists in the set.
 
Avatar 54727
 
Reply Quote Edit Delete Report
 
18. Re: Crypto Miner Nov 18, 2017, 11:27 Dacote
 
eRe4s3r wrote on Nov 17, 2017, 21:28:
Beamer wrote on Nov 17, 2017, 07:49:
eRe4s3r wrote on Nov 16, 2017, 16:16:
Beamer wrote on Nov 16, 2017, 16:14:
372% CPU.

;p

Add these 2 filters to your uBlock Origin or Adblock custom rule thing


https://crypto-loot.com
https://crypto-loot.com/lib/miner.min.js


You gotta block them as they come btw, wide range block would be defeated by other domain or script name....

With filter 27 load attempts for this miner are detected by uBlock Origin.. ;p

That was my work mac. I need to see ads at work, so no blocking.
At home, I already block all javascript.

At work you don't have a malware filterlist ? Sounds to me your company *wants* to be hacked
If Beamer works in advertising (or similar web based areas) he needs to be able to see ads.
Malware blocking is a totally different thing.
 
Reply Quote Edit Delete Report
 
17. Re: Crypto Miner Nov 17, 2017, 21:28 eRe4s3r
 
Beamer wrote on Nov 17, 2017, 07:49:
eRe4s3r wrote on Nov 16, 2017, 16:16:
Beamer wrote on Nov 16, 2017, 16:14:
372% CPU.

;p

Add these 2 filters to your uBlock Origin or Adblock custom rule thing


https://crypto-loot.com
https://crypto-loot.com/lib/miner.min.js


You gotta block them as they come btw, wide range block would be defeated by other domain or script name....

With filter 27 load attempts for this miner are detected by uBlock Origin.. ;p

That was my work mac. I need to see ads at work, so no blocking.
At home, I already block all javascript.

At work you don't have a malware filterlist ? Sounds to me your company *wants* to be hacked
 
Avatar 54727
 
Reply Quote Edit Delete Report
 
16. Re: etc. Nov 17, 2017, 08:33 Dacote
 
eRe4s3r wrote on Nov 16, 2017, 20:36:
Dacote wrote on Nov 16, 2017, 19:40:
IgWannA wrote on Nov 16, 2017, 14:15:
Eccentric wrote on Nov 15, 2017, 10:27:
Anyone else get a BitcoinMiner exploit blocked (hopefully) by your AV when you go to the SW:BF2 gameplay article?

Wow yeah, CPU at 100%. Neither BitDefender nor AdBlock detected anything though... What AV do you use?
Ublock Origin silently blocked it w/out adding anything. By blocked I mean I did not see an increase in cpu usage.
When I disabled U-block and reloaded the page Malwarebytes came into play and blocked crypto-loot.com

Likely it was blocked by something on your end that was not uBlock Origin, I tested with *only* uBlock Origin (latest filter lists and version) and no AV and it ran the miner without any info. Either way, good to know that malware bytes detected it, but what we really need is noscript back.

Well, actually it could also be you have some filter list active that I don't have active... ;p
Could be any of the above you stated, u-block showed that it blocked crypto-loot.com in the dropdown.
With miners in the wild, the never ending game of whack a mole just got a few more moles to whack.
sigh
 
Reply Quote Edit Delete Report
 
15. Re: Crypto Miner Nov 17, 2017, 07:49 Beamer
 
eRe4s3r wrote on Nov 16, 2017, 16:16:
Beamer wrote on Nov 16, 2017, 16:14:
372% CPU.

;p

Add these 2 filters to your uBlock Origin or Adblock custom rule thing


https://crypto-loot.com
https://crypto-loot.com/lib/miner.min.js


You gotta block them as they come btw, wide range block would be defeated by other domain or script name....

With filter 27 load attempts for this miner are detected by uBlock Origin.. ;p

That was my work mac. I need to see ads at work, so no blocking.
At home, I already block all javascript.
 
-------------
Music for the discerning:
http://www.deathwishinc.com
http://www.hydrahead.com
http://www.painkillerrecords.com
Reply Quote Edit Delete Report
 
14. Re: etc. Nov 16, 2017, 20:36 eRe4s3r
 
Dacote wrote on Nov 16, 2017, 19:40:
IgWannA wrote on Nov 16, 2017, 14:15:
Eccentric wrote on Nov 15, 2017, 10:27:
Anyone else get a BitcoinMiner exploit blocked (hopefully) by your AV when you go to the SW:BF2 gameplay article?

Wow yeah, CPU at 100%. Neither BitDefender nor AdBlock detected anything though... What AV do you use?
Ublock Origin silently blocked it w/out adding anything. By blocked I mean I did not see an increase in cpu usage.
When I disabled U-block and reloaded the page Malwarebytes came into play and blocked crypto-loot.com

Likely it was blocked by something on your end that was not uBlock Origin, I tested with *only* uBlock Origin (latest filter lists and version) and no AV and it ran the miner without any info. Either way, good to know that malware bytes detected it, but what we really need is noscript back.

Well, actually it could also be you have some filter list active that I don't have active... ;p
 
Avatar 54727
 
Reply Quote Edit Delete Report
 
13. Re: etc. Nov 16, 2017, 19:40 Dacote
 
IgWannA wrote on Nov 16, 2017, 14:15:
Eccentric wrote on Nov 15, 2017, 10:27:
Anyone else get a BitcoinMiner exploit blocked (hopefully) by your AV when you go to the SW:BF2 gameplay article?

Wow yeah, CPU at 100%. Neither BitDefender nor AdBlock detected anything though... What AV do you use?
Ublock Origin silently blocked it w/out adding anything. By blocked I mean I did not see an increase in cpu usage.
When I disabled U-block and reloaded the page Malwarebytes came into play and blocked crypto-loot.com
 
Reply Quote Edit Delete Report
 
12. Re: Crypto Miner Nov 16, 2017, 16:16 eRe4s3r
 
Beamer wrote on Nov 16, 2017, 16:14:
372% CPU.

;p

Add these 2 filters to your uBlock Origin or Adblock custom rule thing


https://crypto-loot.com
https://crypto-loot.com/lib/miner.min.js


You gotta block them as they come btw, wide range block would be defeated by other domain or script name....

With filter 27 load attempts for this miner are detected by uBlock Origin.. ;p
 
Avatar 54727
 
Reply Quote Edit Delete Report
 
11. Re: Crypto Miner Nov 16, 2017, 16:14 Beamer
 
372% CPU.  
-------------
Music for the discerning:
http://www.deathwishinc.com
http://www.hydrahead.com
http://www.painkillerrecords.com
Reply Quote Edit Delete Report
 
10. Crypto Miner Nov 16, 2017, 16:01 eRe4s3r
 
IgWannA wrote on Nov 16, 2017, 14:15:
Eccentric wrote on Nov 15, 2017, 10:27:
Anyone else get a BitcoinMiner exploit blocked (hopefully) by your AV when you go to the SW:BF2 gameplay article?

Wow yeah, CPU at 100%. Neither BitDefender nor AdBlock detected anything though... What AV do you use?

The culprit is this, and it's loaded on page-load as one of the first things, site has a crypto-miner via JS integrated. Super scammy and Blues should blacklist the site for eternity imo.

The miner in question appears as one of the first loaded JS scripts
https://crypto-loot.com/lib/miner.min.js

Don't click on that obviously. Seriously, do NOT click on the JS script, it will run

Interestingly, not even uBlock Origin detected this, NoScript would block it but yeah, I have a simple JS disable button currently that does block it too...

If you got heuristic AV this post here should already trigger a warning btw... if you got IT skills, this post here should entice you to dig deeper with JS disabled.

Interestingly, it doesn't even get filtered with a custom filter..

This comment was edited on Nov 16, 2017, 16:13.
 
Avatar 54727
 
Reply Quote Edit Delete Report
 
9. Re: etc. Nov 16, 2017, 14:15 IgWannA
 
Eccentric wrote on Nov 15, 2017, 10:27:
Anyone else get a BitcoinMiner exploit blocked (hopefully) by your AV when you go to the SW:BF2 gameplay article?

Wow yeah, CPU at 100%. Neither BitDefender nor AdBlock detected anything though... What AV do you use?
 
Reply Quote Edit Delete Report
 
8. Re: etc. Nov 16, 2017, 10:27 RedEye9
 
Eccentric wrote on Nov 15, 2017, 10:27:
Anyone else get a BitcoinMiner exploit blocked (hopefully) by your AV when you go to the SW:BF2 gameplay article?
On an i3-6100 dell desktop running McAfee Anti-Virus it pegged all 4 logical processors. Not a peep from the av nor warning from the latest firefox.
 
Avatar 58135
 
https://www.newyorker.com/humor/borowitz-report
Reply Quote Edit Delete Report
 
7. Re: etc. Nov 15, 2017, 14:44 Acleacius
 
I wonder if they chose this day because NoScript is down, with the new Firefox update.  
Its a sad day for America when people believe women, The Drumpf
Reply Quote Edit Delete Report
 
6. Re: etc. Nov 15, 2017, 13:42 eRe4s3r
 
Pepe wrote on Nov 15, 2017, 12:25:
Eccentric wrote on Nov 15, 2017, 10:27:
Anyone else get a BitcoinMiner exploit blocked (hopefully) by your AV when you go to the SW:BF2 gameplay article?

I did not, I did see my fps in wow drop to almost single digits when I went on that site and got the hell out.

Wha... holy crap disabling javascript before going there was a good idea then,
 
Avatar 54727
 
Reply Quote Edit Delete Report
 
5. Re: etc. Nov 15, 2017, 12:25 Pepe
 
Eccentric wrote on Nov 15, 2017, 10:27:
Anyone else get a BitcoinMiner exploit blocked (hopefully) by your AV when you go to the SW:BF2 gameplay article?

I did not, I did see my fps in wow drop to almost single digits when I went on that site and got the hell out.
 
Reply Quote Edit Delete Report
 
4. Re: etc. Nov 15, 2017, 10:50 Wallshadows
 
Looks like the link is down now.

The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.

 
Avatar 50040
 
Reply Quote Edit Delete Report
 
3. Re: etc. Nov 15, 2017, 10:50 Creston
 
Eccentric wrote on Nov 15, 2017, 10:27:
Anyone else get a BitcoinMiner exploit blocked (hopefully) by your AV when you go to the SW:BF2 gameplay article?

Eek. Thanks for the headsup.
 
Avatar 15604
 
Reply Quote Edit Delete Report
 
2. Re: etc. Nov 15, 2017, 10:34 RedEye9
 
Eccentric wrote on Nov 15, 2017, 10:27:
Anyone else get a BitcoinMiner exploit blocked (hopefully) by your AV when you go to the SW:BF2 gameplay article?
Oh, that's fucked up. Ain't clicking it.
 
Avatar 58135
 
https://www.newyorker.com/humor/borowitz-report
Reply Quote Edit Delete Report
 
1. Re: etc. Nov 15, 2017, 10:27 Eccentric
 
Anyone else get a BitcoinMiner exploit blocked (hopefully) by your AV when you go to the SW:BF2 gameplay article?  
Reply Quote Edit Delete Report
 
20 Replies. 1 pages. Viewing page 1.
< Newer [ 1 ] Older >


footer

Blue's News logo