Reporter
Administrator
Skial Servers | Crypto mining their users
Detecting unwarranted `.js` code in the background is easy with [Sophos Home](https://home.sophos.com/), especially when its hidden in your favorite TF2 server(s) — Upon connection, a friend of mine discovered that the popular server chain "Skial" is responsible for utilizing a discrete JavaScript mining utility on all its active users called "[CoinHive](https://krebsonsecurity.com/2018/03/who-and-what-is-coinhive/)" through background advertisements.
For the people who are unaware of what CoinHive is:
CoinHive is an active malicious mining utility that websites use to harness the processing power of their visitors CPU's for profit.
[https://media.discordapp.net/attach...8516600905779/872863534147592293/unknown.png)
**Server**: [`91.216.250.32:27015`](https://91.216.250.32:27015)
**Name**: `Bottiger's Idle 24/7 Trade Skial Server`
PS:
If you check the ad-value, the running activity comes from their IP range as well, so them attempting to worm their way out of saying it was from another process is absurd and simply denial. 👍
Author: CBaseEntity
http://www.reddit.com/r/u_CBaseEntity/comments/oymc40/skial_servers_crypto_mining_their_users/
Detecting unwarranted `.js` code in the background is easy with [Sophos Home](https://home.sophos.com/), especially when its hidden in your favorite TF2 server(s) — Upon connection, a friend of mine discovered that the popular server chain "Skial" is responsible for utilizing a discrete JavaScript mining utility on all its active users called "[CoinHive](https://krebsonsecurity.com/2018/03/who-and-what-is-coinhive/)" through background advertisements.
For the people who are unaware of what CoinHive is:
CoinHive is an active malicious mining utility that websites use to harness the processing power of their visitors CPU's for profit.
[https://media.discordapp.net/attach...8516600905779/872863534147592293/unknown.png)
**Server**: [`91.216.250.32:27015`](https://91.216.250.32:27015)
**Name**: `Bottiger's Idle 24/7 Trade Skial Server`
PS:
If you check the ad-value, the running activity comes from their IP range as well, so them attempting to worm their way out of saying it was from another process is absurd and simply denial. 👍
Author: CBaseEntity
http://www.reddit.com/r/u_CBaseEntity/comments/oymc40/skial_servers_crypto_mining_their_users/