[Pro] Poisoned cookie consent script file – cookiescript.info

I’ve been trying to track down why some clients’ browsers were indicating virus warnings when visiting their sites. After checking the content, as well as the entire respective home directories on the web server and ftp/mail areas, I worked out that it must be down to an external link. The common link with affected sites? A cookie script derived from cookiescript.info

The affected file is cookieconsent.5.min.js

On opening the file I could see calls to a coin mining website – crypto-loot(dot)com

There is an updated script if you again run through the building process on their site, and the relevant updated javascript file now pulled in seems clean.

cookiescript.info have been informed.

freewaytalk mailing list
Update your subscriptions at: