Slashdot Mirror


The Los Angeles Times Website Is Unintentionally Serving a Cryptocurrency Mining Script (itwire.com)

troublemaker_23 shares a report from iTWire: The Los Angeles Times website is serving a cryptocurrency mining script which appears to have been placed there by malicious attackers, according to a well-known security expert. British infosec researcher Kevin Beaumont, who has warned that Amazon AWS servers could be held to ransom due to lax security, tweeted that the newspaper's site was serving a script created by Coinhive. The Coinhive script mines for the monero cryptocurrency. The S3 bucket used by the LA Times is apparently world-writable and an ethical hacker appears to have left a warning in the repository, warning of possible misuse and asking the owner to secure the bucket.
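The incident in the summary comes down to one bucket property: anyone could write to it. The following is an added example (not code from the iTWire report or from anyone in this thread) showing how a defender would audit a bucket ACL for that condition. It takes the ACL in the shape boto3's `get_bucket_acl()` returns, so it runs offline on a constructed sample; it also flags grants to the `AuthenticatedUsers` group, which any AWS account in the world can use, so it goes slightly beyond the AllUsers case the thread discusses. The two sample ACLs are constructed; the group URIs and permission names are the real S3 values.

```python
"""Flag S3 bucket ACL grants that let the public (or any AWS account) write.

Added example, not from the article or the thread. Input is a dict in the
shape returned by boto3's s3.get_bucket_acl(); the samples below are
constructed for offline use.
"""
from typing import Dict, List

# Real S3 predefined group URIs.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTHENTICATED_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"

# Permissions that let the grantee change what the bucket serves or who
# controls it. WRITE alone is enough to replace a script that a site loads.
WRITE_PERMISSIONS = {"WRITE", "WRITE_ACP", "FULL_CONTROL"}


def public_write_grants(acl: Dict) -> List[str]:
    """Return one finding per grant that gives write access to everyone."""
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        permission = grant.get("Permission")
        # Only the two global groups make a grant "public"; canonical-user
        # grants are specific accounts and are not reported here.
        if grantee.get("Type") != "Group":
            continue
        uri = grantee.get("URI", "")
        if uri not in (ALL_USERS, AUTHENTICATED_USERS):
            continue
        if permission in WRITE_PERMISSIONS:
            who = "anyone" if uri == ALL_USERS else "any AWS account"
            findings.append(f"{who} has {permission}")
    return findings


def is_world_writable(acl: Dict) -> bool:
    """True if at least one grant lets the public write to the bucket."""
    return bool(public_write_grants(acl))


# Constructed sample: the owner plus a WRITE grant to AllUsers, i.e. the
# "-rw-rw-rw-" situation described in the thread.
WORLD_WRITABLE_ACL = {
    "Owner": {"DisplayName": "example-owner", "ID": "owner-id-placeholder"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id-placeholder"},
         "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": ALL_USERS},
         "Permission": "WRITE"},
    ],
}

# Constructed sample: public read only, which serves content without
# letting anyone replace it.
SAFE_ACL = {
    "Owner": {"DisplayName": "example-owner", "ID": "owner-id-placeholder"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id-placeholder"},
         "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": ALL_USERS},
         "Permission": "READ"},
    ],
}


def audit_bucket(bucket_name: str) -> List[str]:
    """Fetch a real bucket's ACL with boto3 and audit it (needs credentials)."""
    import boto3  # imported here so the offline samples need no boto3
    acl = boto3.client("s3").get_bucket_acl(Bucket=bucket_name)
    return public_write_grants(acl)


if __name__ == "__main__":
    for name, acl in (("world-writable", WORLD_WRITABLE_ACL), ("safe", SAFE_ACL)):
        print(name, "->", public_write_grants(acl) or "no public write grants")
```

Run it as-is to see the constructed samples classified; call `audit_bucket("your-bucket")` with AWS credentials to check a real one. Grants are only one path to public write (bucket policies are another), so a full review also reads the bucket policy and, for accounts that support it, turns on S3 Block Public Access, which blocks both routes regardless of individual grants.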

58 comments

  1. lawsuit by Anonymous Coward · · Score: 0

    They should be sued for stealing our electricity.

    1. Re:lawsuit by Anonymous Coward · · Score: 0

      Wow

  2. Who did they hire to do this? by Narcocide · · Score: 1

    Not me, that's who.

  3. "Unintentionally" by sexconker · · Score: 5, Insightful

    Like how they "unintentionally" point visitors to ads and scripts created by third parties.

    If you're going to serve ads on your site, at least:

    1 - Be responsible for them.
    2 - Host them on your own domain.

    Does that break the current webvertising model? GOOD!

    1. Re:"Unintentionally" by sexconker · · Score: 4, Interesting

      I didn't read TFS. This appears to not be caused by ads, but by the LA Times serving content from a fucking publicly-writable storage source. Wooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooow.

    2. Re: "Unintentionally" by Anonymous Coward · · Score: 0

      Point 2 still stands.

    3. Re:"Unintentionally" by Anonymous Coward · · Score: 1

      In the summary, it says they had a -rw-rw-rw- AWS S3 bucket. Who am I kidding, you probably read the summary, but don't grasp what that means. SAD!

    4. Re:"Unintentionally" by Anonymous Coward · · Score: 0

      So inform the epically, tragically stupid!

      http://www.latimes.com/about/la-editorial-staff-directory-htmlstory.html

      Peace out.

    5. Re:"Unintentionally" by Narcocide · · Score: 2

      Guess who else didn't grasp what it means. The person they hired to set it up! Whew good thing you saved money on that hire, hey guys?

    6. Re: "Unintentionally" by sexconker · · Score: 1

      Point 1 and 2 both stand. They just don't directly apply to the context of ads and this story (which didn't involve ads, but utter stupidity).

    7. Re: "Unintentionally" by Reverend+Green · · Score: 1

      Upwork FTW!

    8. Re:"Unintentionally" by Anonymous Coward · · Score: 0

      > Guess who else didn't grasp what it means.

      Me.

      I must be out of the web development game too long, I have no clue what an 's3 bucket' is. :-/

    9. Re:"Unintentionally" by Hal_Porter · · Score: 2

      If you're going to serve ads on your site, at least:

      1 - Be responsible for them.
      2 - Host them on your own domain.

      The corollary being that if sites host ads on another domain they're not responsible for them and so you a) shouldn't trust they're not malicious code and b) should block them.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;

    10. Re: "Unintentionally" by Anonymous Coward · · Score: 0

      Clearly the sysadmin loves Satan.

      He doesn't always get security, but when he does, he just telnets in as root and runs chmod 666 * to summon the almighty evil, systemctl.

    11. Re:"Unintentionally" by Anonymous Coward · · Score: 0

      If that holds, then doing anything malicious from a third-party site must be fine, right? Or maybe some guy NYT should just go to jail?

    12. Re:"Unintentionally" by Anonymous Coward · · Score: 0

      Well, I don't give three shits what an Amazon S3 Bucket is for and I don't think I'll put it on my bucket list either.

    13. Re: "Unintentionally" by Anonymous Coward · · Score: 0

      They were serving ads from an S3 bucket? No sysadmins were involved at all in that, I promise. Some web developers are getting laser eyed by IT ops folks about now.

    14. Re:"Unintentionally" by Narcocide · · Score: 1

      Think of it like a Windows file share, only easier to access and (at least in this configuration) less secure.

  4. Those are not MY drugs... by Anonymous Coward · · Score: 0

    Somebody put those miners on my site!

    1. Re:Those are not MY drugs... by Hal_Porter · · Score: 1

      He's a good boy. He was probably just taking care of those drugs and firearms for one of the older boys.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;

  5. Wow by Anonymous Coward · · Score: 0

    wow

  6. Incompetence affects all of us by Anonymous Coward · · Score: 0

    It's hard to jump on board anything in terms of the web these days without expecting incompetency to show its ugly head somewhere.

    1. Re: Incompetence affects all of us by Anonymous Coward · · Score: 0

      All the competent American web developers were driven out of business. The only thing customers will pay for these days is $4/hr from India.

    2. Re: Incompetence affects all of us by Anonymous Coward · · Score: 0

      This will not last.

  7. This is why. by Scutter · · Score: 5, Insightful

    Dear every site that demands that I disable my ad blocker:

      This is why I respectfully request that you get bent.

    Love,
    Scut

    --
    "Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"

    1. Re:This is why. by freeze128 · · Score: 1

      I also make that request, but without the respect.

    2. Re:This is why. by Anonymous Coward · · Score: 0

      Yup, totally agree with that sentiment.

      If I go to a site that won't show me anything until I disable my ad blocker, I just go elsewhere for the same/similar content.

      I have nothing against adverts, after all that's how sites are funded/subsidised . What does really fuck me off is the masses of shitty bloated scripts that come with it wanting to do god-knows-what.
      If you want me to see an advert on your site, do it the old fashioned way.. a simple linked graphic. Otherwise you can fuck right off.

    3. Re:This is why. by war4peace · · Score: 1

      You might not be aware of the fact that Coinhive scripts can run in your browser even if you have AdBlock - because they are not ads.
      Disabling JS will help though.

      --
      ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)

  8. Always by AHuxley · · Score: 1

    No script
    Ad blocker
    Good quality AV for your OS.
    The trust in any site as a brand and their .com is gone.

    --
    Domestic spying is now "Benign Information Gathering"

  9. Corporate Main Stream Media by rtb61 · · Score: 1

    Just another collection of bloggers with delusions of grandeur, still thinking they are what they were last millennium, gate keepers and controllers of the public mind state and in reality nothing but yesteryears corporate propagandists and corrupters of democracy. I find it hardly surprising they are running crypto miners and it probably isn't as accidental as they are trying to pretend it is. Corporations are waking up to the reality of the great election blowout, where corporate main stream media, the major internet companies and the sitting government, who conspired to steal an election lost against us nobodies, all of us nobodies, millions of us nobodies.

    Advertising, do you know why it is failing on the internet apart from the hype methods which only have limited traction (sort of a single shot deal that has to be repeated and it doesn't repeat well)? It lacks saturation. Before in the olde daze, corporate main stream media had a lock in on you and they could saturate your mind with 'selected ads'. Take a coke campaign, you would see the ad not once in a week but hundreds even thousands of times a day. TV ten to fifty times in a day, then the radio ten to twenty times, then billboards tens of times, then in print another ten to hundreds of times and then shop signs maybe tens of times again. Saturation ads. Now in the competitive space, many different ads, across many different web sites, cut down coke ads, no matter how much it spends, to maybe three or four times in a day, sometimes even ten times a day but not always. So everyone used to run ad campaigns where they would saturate the market for a period of time to gain market share, with billions of exposures, now gone for ever. Now they have to share and people are buying content and going ad free, so they have even less to share. No longer can they saturate the market without spending way more than it is worth, having to out bid everyone else for space and still only getting minimal exposures. All the junk fooders are suffering because of this.

    Proof positive of this is how they all lost an election when they all blatantly colluded together and that resulted in FUD https://en.wikipedia.org/wiki/..., which a lot of trolls capitalised on and made worse for shits and giggles, resulting in Russiagate (no matter what people think, they should not have lost and they did because the old saturation advertising model failed miserably).

    So corporate main stream media looking to mine crypto would hardly be surprising, they are screwed, just another collection of bloggers with delusions of grandeur, who could not sell a corporate whore to a gullible and ill informed public, even with the backing of a corrupt government and government agencies corrupted by political appointees. Soros is pissed off with Google and Facebook because they scammed him for millions in worthless advertisement placements, pointlessly targeted at those who were already sold and drinking the Kool-Aid. Kind of funny how things work out. So who paid those thirteen Russians and you can bet they feel really ripped off when it was publicly proven how little they achieved.

    --
    Chaos - everything, everywhere, everywhen

    1. Re:Corporate Main Stream Media by Anonymous Coward · · Score: 0

      Except the liberal idiots in the US take everything the liberal-bent media feeds them and treats it all as absolute fact.

      Why? Because a vast majority of them can't think for themselves.

    2. Re:Corporate Main Stream Media by Anonymous Coward · · Score: 0

      Thousands of time a day you saw a coke ad? After that I didn't bother reading the rest of your broken thought vomit.

  10. Oh, it's NO accident (quote proof)... apk by Anonymous Coward · · Score: 0

    See subject & a DIRECT QUOTE "to recoup lost ad revenue when you use an ad blocker" http://www.bbc.com/news/technology-43053783/

    I'm PROUD to be CRUSHING "Darth SOROS" via APK Hosts File Engine 10++ SR-1 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ DENYING HIM MORE "SHEKELS" his kind LIVES for & protecting others vs. far more than mere ads too (malware/botnets etc. you name it) for less yet doing MORE, natively, w/ what you have already.

    * Good post on your end by the by... you're correct & I hope you find that quote useful to you!

    APK

    P.S.=> "I've got one that can SEE" https://www.youtube.com/watch?v=kBY6pF42I-c/ that's for you from another that can see too in myself... apk

  11. Cloud + Flavor of the Month JavaScript by Anonymous Coward · · Score: 0

    Gets you about as much security as the public restroom in Golden Gate Park after Midnight on Friday night, which is to say not much. Combine this with "developers" who learned to code at a 3 month night school bootcamp and know just barely enough to be dangerous and these sorts of incidents are inevitable.

  12. CNN scripts the news by nonBORG · · Score: 0

    CNN got caught writing the script for a town hall setup with school shooting survivors
    http://insider.foxnews.com/201...
    LA Times running scripts on their readers. All makes no sense but happening anyway.

    --
    You can't handle the truth! - Because I don't post left all my comments get modded down, bye bye Karma.

    1. Re:CNN scripts the news by Anonymous Coward · · Score: 0

      and fox news is 'fair and balanced', right? phht.

    2. Re: CNN scripts the news by Anonymous Coward · · Score: 0

      It's not, but if I want to know what someone is up to I'll look to see what his enemy says about him (in this case, Fox making the accusation), what he says about himself (haven't seen them refute Fox's claim) and then make my own decision on a case by case basis.

    3. Re: CNN scripts the news by Anonymous Coward · · Score: 0

      Go back to Reddit, iphonetard.

  13. crypto miners on CNN by Anonymous Coward · · Score: 0

    Got one yesterday. From a CNN.com-linked site. Good/bad news is, my net-unneutral provider is starting to block such content automatically.

  14. The problem here by Anonymous Coward · · Score: 0

    The problem here is Amazon's bizarre non-standard hosting infrastructure. WTF is a "bucket" anyway? Operating systems deal with disks and partitions, not "buckets". We are seeing this over and over. The problem is the system, not its users.

  15. LOL by Anonymous Coward · · Score: 0

    "...which appears to..."

    I'd be willing to bet that the LA Times liberal mouthpiece put it there themselves to get some free $$ out of it and blamed it on hackers.

  16. Coinhive by Anonymous Coward · · Score: 0

    Coinhive is a legitimate idea, but their business model is wide open to abuse and seems to be getting abused frequently.

    I sense the time is coming when I may have to add all their domains to my hosts file and point them at a dead IP address within my own NAT space.

  17. Re:0.0.0.0 homicide.latimes.com in hosts... apk by Anonymous Coward · · Score: 0

    Security janitor APK to the rescue. He is ready and waiting to try to clean up the mess long after the deed has been done. Let's see how many times we can get him to complain about getting modded to -1 today.

  18. Reactionary LA Times (Was: Ultra-liberal paper) by Anonymous Coward · · Score: 0

    >ultra-liberal paper

    Liberal Schmiberal.

    In LA, letting someone fffk you in the @55 or force oral sex on you is de rigueur. Springing a currency miner on your website? That's downright reactionary, by LA standards. It's old-fashioned capitalism, mining on someone else's territory, not sex-capitalism or prostitution-in-trade, which is the real currency of the town.

  19. Re:0.0.0.0 homicide.latimes.com in hosts... apk by Anonymous Coward · · Score: 0

    His autism should kick in full force any time now.

    but...but..MAH HOSTS!

  20. Re:It works - you did better yourself? by Anonymous Coward · · Score: 0

    Sorry, faggy APK -- I'm not the person who Down modded you. I use my points on real posts; not your fake autistic ones.

    Not every AC is the same. Why don't YOU post from a VERIFIED ACCOUNT instead of posting AC?

    Scared? Thought so.

    Bye, kid molester.

  21. Re:You're the one who's scared... apk by Anonymous Coward · · Score: 0

    WARNING !! WARNING !!! -- Autistic Waterhead detected !! WARNING !! WARNING

    There is plenty of evidence on the web of you, Alex Kawfagosty, molesting young boys when you were in highschool. You even have one record of touching a 6 month baby girl in her special nono places. You're one sick felon, APK. I don't know how they child fuckers like you free.

  22. More lies & libeling me? by Anonymous Coward · · Score: 0

    Let's see evidence of it from a reputable legal source liar. Impossible to produce as it was never there. I'm no pedo/child molester OR homosexual.

    * However @ this point I suspect YOU may be seeing as you 'hide' & stalk me constantly (making you a loony bird stalker of myself) projecting YOUR OWN SERIOUS ISSUES onto me!

    APK

    P.S.=> You need serious mental help Jealous Jowie - & I mean that, not joking... apk

  23. You're scared & tried hiding this, lol! by Anonymous Coward · · Score: 0

    Why don't YOU post from a VERIFIED ACCOUNT instead of posting AC? - by UNIDENTIFIABLE do-nothing zero "ne'er-do-well" Anonymous Coward 'jealous jowie' on Saturday February 24, 2018 @03:41PM (#56182247)

    See subject: Why don't you? You don't as I've burnt you so many times under your "registered 'luser'" acc't. I can toss it back @ you, lol!

    I use my points on real posts - by UNIDENTIFIABLE do-nothing zero "ne'er-do-well" Anonymous Coward 'jealous jowie' on Saturday February 24, 2018 @03:41PM (#56182247)

    Thanks for being stupid enough to provide proof of my statement above in that quote, lol!

    Scared? - by UNIDENTIFIABLE do-nothing zero "ne'er-do-well" Anonymous Coward 'jealous jowie' on Saturday February 24, 2018 @03:41PM (#56182247)

    No, you are & for the EXACT reasons above (I've burnt you too many times & one must be SO BAD you're afraid to face me directly obviously, lol)...

    APK

    P.S.=> Lastly - thanks for projecting you are the homosexual & child molester (I'm not) & YOU EVEN HAD TO "DOWNMOD HIDE" THIS last time I posted it (truth/fact of it pissed you off as it proved you're stupid) https://yro.slashdot.org/comments.pl?sid=11782351&cid=56188765/... apk

  24. 0.0.0.0 homicide.latimes.com in hosts... apk by Anonymous Coward · · Score: 0

    0.0.0.0 homicide.latimes.com
    0.0.0.0 latimes.com

    * See subject & those entries to protect yourselves vs. this crap (shit article by the by - it doesn't even POINT to the SOURCE of the script - & these 'security pros' that use TWITTER w/ its post limits HURTS them (after all - Kevin Beaumont didn't even post the data I was looking for, now I'm stuck w/ blocking the infected site itself instead as it's INFESTED!)).

    BLOCKING COINHIVE SERVERS DOES THE REST (easy to find those lists).

    HEY WHIPSLASH - why'd you 'downmod hide' this last 3x I posted it here https://yro.slashdot.org/comments.pl?sid=11782351&cid=56173433/ & here https://yro.slashdot.org/comments.pl?sid=11782351&cid=56173921/ + here https://yro.slashdot.org/comments.pl?sid=11782351&cid=56176103/ for?

    It's helpful information (not to you though, see p.s. below (that's why - fact exposes you)).

    APK

    P.S.=> I would complain of this to /. (find better sources) but then, ole' DUBAI CONTROLLED "whipslash" is behind it I am sure (not a 1st - he's tried to point to articles that are SHITTY in the manner I complain of, lacking critical data for self-protection, but I've FOUND the data via better sources (or already had it in hosts, as I do for crypto mining botnets in the coin servers themselves LONG AGO blocked))... apk