Tomcat
Professional
- Messages
- 2,695
- Reaction score
- 1,060
- Points
- 113
The Cookie Consent toast notification builder contained the Crypto-Loot miner.
A free script used by site owners to pop-up cookie notifications uploads a browser mining tool to those sites. The hidden miner was discovered by researcher Willem de Groot on the website of Albert Heijn, the largest supermarket chain in the Netherlands.
After analyzing the JavaScript files of the site, de Groot found a cookiecript.min.js file loaded from cookiescript.info. This domain is registered to the Cookie Consent service, which allows you to create pop-up notifications about the use of cookies by the site, required by the EU legislation.
The service generates a block of code that webmasters then embed into their sites. As it turned out, one of the JavaScript files downloaded from it contains the Crypto-Loot miner, which allows you to mine Monero cryptocurrency in a browser.
It seems that the Cookie Consent administrators have become aware of the presence of the miner, since now it is no longer in the pop-up builder. However, the service itself still uses the old version of the script containing the Crypto-Loot.
According to American researcher Troy Mursch, Crypto-Loot ranks third in popularity among online cryptominers after Coinhive and JSEcoin. De Groote found it on at least 243 sites.
