Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.108334 |
Kategorie: | Malware |
Titel: | Coinhive JavaScript Miner Detection |
Zusammenfassung: | This script reports if a web page of the remote host contains code from the; Coinhive JavaScript Miner. |
Beschreibung: | Summary: This script reports if a web page of the remote host contains code from the Coinhive JavaScript Miner. Vulnerability Insight: While the Coinhive JavaScript Miner might be deployed legitimately, it is often used by attackers for malicious purposes to consume unauthorized resources of a client browsing a web site. This script reports results of rudimentary checks for the following strings embedded into any web page of the remote host: - CoinHive.Anonymous - CoinHive.User - CoinHive.Token NOTE: There are various obfuscation technologies available to hide such JavaScript from the scanner, thus the mentioned 'rudimentary checks' above. NOTE2: No vulnerability is reported if the Coinhive JavaScript is loaded from the authedmine.com domain. This JavaScript code only run after an explicit opt-in / agreement from the user. Vulnerability Impact: If the Coinhive JavaScript Miner is started without a configured OptOut possibility for the client, unauthorized resources of this client will be used. Solution: Inspect all reported web pages / URLs if the Coinhive JavaScript Miner was deployed legitimately and remove it if not. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N |
Copyright | Copyright (C) 2018 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |