Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Los Angeles Times Website Is Unintentionally Serving a Cryptocurrency Mining Script (itwire.com)

Posted by BeauHD on from the heads-up dept.

troublemaker_23 shares a report from iTWire: The Los Angeles Times website is serving a cryptocurrency mining script which appears to have been placed there by malicious attackers, according to a well-known security expert. British infosec researcher Kevin Beaumont, who has warned that Amazon AWS servers could be held to ransom due to lax security, tweeted that the newspaper's site was serving a script created by Coinhive. The Coinhive script mines for the monero cryptocurrency. The S3 bucket used by the LA Times is apparently world-writable and an ethical hacker appears to have left a warning in the repository, warning of possible misuse and asking the owner to secure the bucket.

5 of 58 comments (clear)

  1. "Unintentionally" by sexconker · · Score: 5, Insightful

    Like how they "unintentionally" point visitors to ads and scripts created by third parties.

    If you're going to serve ads on your site, at least:

    1 - Be responsible for them.
    2 - Host them on your own domain.

    Does that break the current webvertising model? GOOD!

    1. Re:"Unintentionally" by sexconker · · Score: 4, Interesting

      I didn't read TFS. This appears to not be caused by ads, but by the LA Times serving content from a fucking publicly-writable storage source. Wooooooooooooooooooooo oooooooooooooooooooooooooooooooooo oooooooooooooo oooooooooooooooooooooooooo oooooooooooooooooow.

    2. Re:"Unintentionally" by Narcocide · · Score: 2

      Guess who else didn't grasp what it means. The person they hired to set it up! Whew good thing you saved money on that hire, hey guys?

    3. Re:"Unintentionally" by Hal_Porter · · Score: 2

      If you're going to serve ads on your site, at least:

      1 - Be responsible for them.
      2 - Host them on your own domain.

      The corollary being that if sites host ads on another domain they're not responsible for them and so you a) shouldn't trust they're not malicious code and b) should block them.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
  2. This is why. by Scutter · · Score: 5, Insightful

    Dear every site that demands that I disable my ad blocker:

      This is why is respectfully request that you get bent.

    Love,
    Scut

    --

    "Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"