Nav_image
Nav_image Nav_image Nav_image Nav_image Nav_image Nav_image Nav_image Nav_image Nav_image
Nav_image Nav_image Nav_image Nav_image Nav_image Nav_image Nav_image Nav_image
Nav_image
Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: ProviderModule infected with Russian Bitcoin miner malware. Again.

  1. #1
    speed bump mannequin Golden Eel's Avatar
    Join Date: 06.20.09
    Location: Boy's Club
    Posts: 3,369
    Rank: 15 Gauge

    Default ProviderModule infected with Russian Bitcoin miner malware. Again.

    The PM main site and the forum are both serving scripts to users from these URLs:

    deluxe (dot) script (dot) ag/tag.js#site=0M6ZVb2
    mwor (dot) gq/ioefjjei
    wordc (dot) ga/iillioid
    Further info:

    So this should probably be addressed.

    (P.S. why does the site still not have https certification? It is quickly becoming not optional. Chrome already notifies the user that the site isn't safe based on that alone, so it's even worse that vBulletin seems to be filled with these gaping exploits.)
    Last edited by Golden Eel; 03-23-2018 at 02:30 AM. Reason: Formatting


    and with just one faint glance back into the sea
    the mollusk lingers with its wandering eye
      
      

  2. #2
    Mephisto's Avatar
    Join Date: 11.09.14
    Location: Serbia
    Posts: 1,275
    Rank: Crimson Soil

    Default

    I'm using MinerBlock extension from Google Chrome Store.

    https://chrome.google.com/webstore/d...ifafnoanocnebl
    Last edited by Mephisto; 03-23-2018 at 06:23 AM.
    Chillin' Killin'

  3. #3
    speed bump mannequin Golden Eel's Avatar
    Join Date: 06.20.09
    Location: Boy's Club
    Posts: 3,369
    Rank: 15 Gauge

    Default

    I guess I'll keep this thread bumped so it appears in the forum index so visitors can at least be aware that Provider Module is a vector for attacks.

    Like I said last time this happened, everybody with a web browser should be using Ublock Origin for their adblocking purposes. For those who have it installed, go into your settings and the 'My Rules' tab and add these lines:

    * 000webhostapp.com * block
    * deluxe.script.ag * block
    * mwor.gq * block
    * wordc.ga * block
    This will at least prevent resources from the offending domains from running on your PC - so you can browse PM without your browser and hardware being unknowingly hijacked like it is now.


    and with just one faint glance back into the sea
    the mollusk lingers with its wandering eye
      
      

  4. #4
    SEGLASS NI TONDAY Hazekiah's Avatar
    Join Date: 06.20.09
    Posts: 2,596
    Rank: 15 Gauge

    Default

    WTF even IS Bitcoin mining?

    o_O


  5. #5
    speed bump mannequin Golden Eel's Avatar
    Join Date: 06.20.09
    Location: Boy's Club
    Posts: 3,369
    Rank: 15 Gauge

    Default

    To put it plainly, Bitcoins are created by way of increasingly difficult computer processing operations. If you build a PC to do this with the top consumer hardware, you might make a few hundred bucks a month. Or you could write a script and inject it into websites with open exploits/security holes (like Provider Module) and now instead of your one measly computer at home, you can now utilize the processing power of every computer of every person who visits Provider Module.
    Last edited by Golden Eel; 03-24-2018 at 12:44 AM.


    and with just one faint glance back into the sea
    the mollusk lingers with its wandering eye
      
      

  6. #6
    SEGLASS NI TONDAY Hazekiah's Avatar
    Join Date: 06.20.09
    Posts: 2,596
    Rank: 15 Gauge

    Default

    Quote Originally Posted by Golden Eel View Post
    you can not utilize the processing power of every computer of every person who visits Provider Module.
    Story of my life, lol.

    Also *now not not.

    XD


  7. #7
    Married to Suedehead Shangri-LIE's Avatar
    Join Date: 08.05.09
    Location: Subject
    Posts: 7,634
    Rank: Stigmartyr

    Default

    I love the fact this thread was created. What I don't appreciate about this thread is that it was made known to people who use this site lol XD, though I can see the good intentions behind the alert, I think anyone who has been affected by this deserves it. #Zombies
    Last edited by Shangri-LIE; 03-24-2018 at 02:10 AM.
    OMNOMNOMNOMNOMNOMNOM


  8. #8
    Level 99 space wizard Marsmind's Avatar
    Join Date: 05.26.12
    Location: Does it matter?
    Posts: 275
    Rank: Brilliant Slut

    Default

    We're gonna need a lot of Spackle and some lube.

  9. #9
    Spirit Animal Procrastinator's Avatar
    Join Date: 06.20.09
    Location: Bracksmell
    Posts: 696
    Rank: Crimson Soil

    Default

    Quote Originally Posted by Golden Eel View Post
    I guess I'll keep this thread bumped so it appears in the forum index so visitors can at least be aware that Provider Module is a vector for attacks.
    The only part of the thread title that appears in the index is "Provider Module infected..." This made me think there was some drama going on so I opened the thread. Not what I was expecting but thanks for the heads up. I have this blocker you suggested since the adware attack.


  10. #10
    Administrator
    IN gOD WE TRUST
    Cringeon's Avatar
    Join Date: 06.20.09
    Location: SLUT
    Posts: 5,069
    Rank: Golden Needle

    Default

    Thanks for the notice. A direct message is preferred so we get to it faster. I’ve had to disable to the chat box until I can sort thru and pinpoint the exploit. Apologies for the downtown, I will try to get it all sorted as soon as possible. If anyone has any additional questions, feel free to send one of the admins a private message.

    Thanks.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

NEWS | TOUR | BIOGRAPHIES | DISCOGRAPHY | VIDEOGRAPHY | GALLERY | MEDIA & INTERVIEWS
MANSON'S JOURNAL | ESSAYS & ANALYSIS | TIMELINE | FORUM | THEATRE | INFORMATION & LINKS