Lateral-g Forums

Lateral-g Forums (https://www.lateral-g.net/forums/index.php)
-   Open Discussion (https://www.lateral-g.net/forums/forumdisplay.php?f=14)
-   -   Is this site running coinhive? (https://www.lateral-g.net/forums/showthread.php?t=55750)

dhutton 11-12-2017 08:48 AM
Is this site running coinhive?
 
Malwarebytes is blocking coinhive on this site:

https://blog.malwarebytes.com/securi...king-coinhive/

Don

camcojb 11-12-2017 11:02 AM
Quote:
Originally Posted by dhutton (Post 668655)
Malwarebytes is blocking coinhive on this site:

https://blog.malwarebytes.com/securi...king-coinhive/

Don
Investigating now.

Ron in SoCal 11-12-2017 11:22 AM
I'm getting similar attack:

Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
11/12/2017 11:20:35 AM,High,An intrusion attempt by camcojb.com was blocked.,Blocked,No Action Required,Web Attack: JSCoinminer Download 6,No Action Required,No Action Required,"camcojb.com (107.6.190.220, 80)",lateral-g.net/forums/forumdisplay.php4?f=14,"DESKTOP-PLFNOHQ (192.168.1.93, 54243)",camcojb.com (107.6.190.220),"TCP, www-http"
Network traffic from <b>lateral-g.net/forums/forumdisplay.php4?f=14</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME3\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>.

camcojb 11-12-2017 04:27 PM
Should be gone for now. We're planning a complete upgrade Tuesday/Wednesday which will be a bit painful as we have so much custom stuff on the site which has to be re-installed separately, but it will be a much safer platform.


All times are GMT -7. The time now is 10:30 PM.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2025, vBulletin Solutions Inc.
Copyright Lateral-g.net