ID de Prueba:	1.3.6.1.4.1.25623.1.0.108334
Categoría:	Malware
Título:	Coinhive JavaScript Miner Detection
Resumen:	This script reports if a web page of the remote host contains code from the; Coinhive JavaScript Miner.
Descripción:	Summary: This script reports if a web page of the remote host contains code from the Coinhive JavaScript Miner. Vulnerability Insight: While the Coinhive JavaScript Miner might be deployed legitimately, it is often used by attackers for malicious purposes to consume unauthorized resources of a client browsing a web site. This script reports results of rudimentary checks for the following strings embedded into any web page of the remote host: - CoinHive.Anonymous - CoinHive.User - CoinHive.Token NOTE: There are various obfuscation technologies available to hide such JavaScript from the scanner, thus the mentioned 'rudimentary checks' above. NOTE2: No vulnerability is reported if the Coinhive JavaScript is loaded from the authedmine.com domain. This JavaScript code only run after an explicit opt-in / agreement from the user. Vulnerability Impact: If the Coinhive JavaScript Miner is started without a configured OptOut possibility for the client, unauthorized resources of this client will be used. Solution: Inspect all reported web pages / URLs if the Coinhive JavaScript Miner was deployed legitimately and remove it if not. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Copyright	Copyright (C) 2018 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.