The Sewing Place

Reception => Welcome Lounge and Information => Topic started by: Francesca on October 06, 2017, 11:06:07 AM

Title: Coinhive issue
Post by: Francesca on October 06, 2017, 11:06:07 AM

I thought I would make a separate thread as way of an announcement to explain what happened where some users saw their virus software flagging TSP as having issues.

One of our add-on providers was comprised and we had a script called Coin Hive added to our site without our knowledge. Coin Hive is a legitimate script, which uses your CPU power to mine "bitcoins" which are a type of currency. Essentially, the script is using your computer power to process lots and lots of mathematical sums which can be converted into money.

Coin Hive is legitimate, but it was added behind our backs and therefore is malicious. Coin Hive isn't going to steal personal information, install software etc it's just using your processing power unbeknownst to you (and us).

We are in the process of removing the script from the site, and then the next stage will be finding out exactly how it was added to prevent it happening in the future.

Hope that helps to explain! Here is an interesting article:
https://www.theregister.co.uk/2017/09/25/showtime_hit_with_coinmining_script/

It's also quite useful to know as there has been a lot of discussion about this sort of thing becoming the norm in the future. In essence, instead of seeing banner adverts everywhere, a bitcoin miner would simply use a little of your computer's processing power to mine some bitcoins which would pay for things in place of advertising, so it's interesting to read up on!

Title: Re: Coinhive issue
Post by: Francesca on October 06, 2017, 11:26:22 AM

The Coin Hive script has now been totally removed from the site.

Please navigate your browsers to view-source:http://thesewingplace.org.uk/ (http://view-source:http://thesewingplace.org.uk/) and perform a hard refresh (http://thesewingplace.org.uk/index.php/topic,488.0.html) of your browser to get the latest changes.

Title: Re: Coinhive issue
Post by: Iminei on October 07, 2017, 08:25:33 AM

Thank you sooo much Fran ... Bravo!!!

Title: Re: Coinhive issue
Post by: BrendaP on October 07, 2017, 09:33:35 AM

Quote from: Francesca on October 06, 2017, 11:26:22 AM

Please navigate your browsers to view-source:http://thesewingplace.org.uk/ (http://view-source:http://thesewingplace.org.uk/) and perform a hard refresh (http://thesewingplace.org.uk/index.php/topic,488.0.html) of your browser to get the latest changes.

My browser (Firefox using Mac) wouldn't load http://view-source:http://thesewingplace.org.uk  but going to the homepage http://thesewingplace.org.uk/index.php (http://thesewingplace.org.uk/index.php) then "Tools" -> "Web Developer" -> "page Source" took me there and I did the hard refresh.

Title: Re: Coinhive issue
Post by: Kenora on October 07, 2017, 11:59:22 AM

I noticed the fan on my pc running like crazy over the last couple of days so I investigated and found the only site that caused this was TSP on Chrome (using over 85% of the CPU's power). It's stopped doing it now but I've done the hard refresh anyway. :)