Re: https://urlquery.net/report/bd873fe2-acfb-4bdd-a5a5-213131a3789f
IDS detects crypto currency mining script.
The scan has detected some potential problems in these files. First scroll down through the code listed out after the list of links, this is the code returned by the request for the URL you entered and check for any problems. Next, these link(s) will open the individual URL(s) in this tool, check through the code that is returned, compare the code being returned to a know clean copy, etc. Note: Typically when you get a lot of files like that it indicates a hack in a common file such as a header or footer.1 →
2 → /about-us/
3 → /category/python/
4 → /2018/04/09/7-software-testing-principles-must-known-to-effective-qa/
5 → /category/testing/
6 → /2018/03/31/load-performance-testing-with-jmeter-components-part-2/
7 → /category/uncategorized/
8 → /2018/03/30/efficient-testcase-for-qa-with-testing-template/
9 → /2018/03/11/essentials-of-api-testing-with-postman/
10 → /category/api-testing/
11 → /category/selenium/
12 → /2018/03/10/auto-scale-selenium-hub-with-zalenium/
13 → /category/java/
14 → /category/js/
15 → /category/performance-testing/
16 → /page/2/
17 → /category/android/
18 → /category/appium/
19 → /category/docker/
20 → /2017/03/25/introduction-docker-build-image-scratch/
21 → /2016/12/18/678/
22 → /2016/12/18/674/
23 → /2016/12/12/step-step-selenium-python-part-1/
24 → /2016/12/10/flask-tutorial-web-development-python-deploy-heroku-part-2/
25 → /category/python/page/2/
26 → /2017/04/23/software-testing-fundamentals-%e2%80%8ahow-effective-tester/
27 → /category/testing/page/2/
28 → /2017/04/23/software-testing-fundamentals-testing-input-text-field/Suspicious URLs found in: http://scrolltest.com/2015/05/04/the-ultimate-cheat-sheet-on-xpath-in-python/
1: hxxp://coinhive·com/lib/coinhive·min·js
Note: The script calls above appear to be cryptocurrency miners. Cryptocurrency miners are usually VERY resource intensive and Google will stop Adwords on sites running miners. If you are intentionally running a crypto miner you should reconsider!
Two to flag this at VT: https://www.virustotal.com/nl/url/97ac95d7fb6b5b3c20cf6f2b7d122bb24f00ba8c39cc82a8e1ea16789a4413a7/analysis/1524396424/
ISSUE DETECTED DEFINITION INFECTED URL
Website Malware malware.cryptominer.3 -http://scrolltest.com/ ( View Payload )
Website Malware malware.cryptominer.3 -http://scrolltest.com/404testpage4525d2fdc ( View Payload )
Website Malware malware.cryptominer.3 -http://scrolltest.com/404javascript.js ( View Payload )
Website Malware malware.cryptominer.3 -http://scrolltest.com/about-us/ ( View Payload )
Website Malware malware.cryptominer.3 -http://scrolltest.com/category/python/ ( View Payload )
Website Malware malware.cryptominer.3 -http://scrolltest.com/2018/04/09/7-software-testing-principles-must-known-to-effective-qa/ ( View Payload )
polonus (volunteer website security analyst and website error-hunter)