RawGit CDN is Abused by CryptoLoot Cryptominers

Recently, we came across another way to use files from GitHub repositories in malware infections.

This time the infections weren’t via GitHub.io, raw.githubusercontent.com, or github.com/<user>/<repository>/raw/ URLs. The new trick involved a third-party service called RawGit that provides a CDN for GitHub files.

This is the script that we found injected into .js and theme files on infected Drupal and WordPress sites.

Some of the infections were clearly buggy.

Continue reading RawGit CDN is Abused by CryptoLoot Cryptominers at Sucuri Blog.

Story added 31. July 2018, content source with full text you can find at link above.

Comments are closed.

More antivirus and malware news?

Website Ransomware – CTB-Locker Goes Blockchain
Is performance tracking about to go mobile?
Resolved: University Collaboration Suite (UCS) Software Upgrade – Saturday, August 1
Microsoft Office CVE-2016-3316 Memory Corruption Vulnerability
Cryptocurrency Stealer Delivered From Official Monero Website
What are shielded virtual machines and how to set them up in Windows Server
Google’s RETVec Open Source Text Vectorizer Bolsters Malicious Email Detection
BlackWallet cryptocurrency site loses users’ money after DNS hijack
‘Annie’, ‘Fury’, other Sony blockbuster movies pirated after network attack
How to Reduce Risk While Saving on the Cost of Resolving Security Defects

RawGit CDN is Abused by CryptoLoot Cryptominers

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts