I didn't write down the message... if it pops up again I'll see if I can get a detailed description. But I'm sure it gamedev.net both times it popped up right when I reloaded the for beginners and the graphics forums.
edit - I should also mention that I reload those pages multiple times per day and it only happened twice.
It just popped up reloading this forum:
Threatname: JS:Miner-J[TRJ]
URL: https://crypto-loot.com/lib/miner.min.js
Process: C:\....\opera.exe
Detected by: Web Shield
Status: Connection aborted
Sorry it doesn't say what page on GD.net or anything like that.
7 minutes ago, Infinisearch said:It just popped up reloading this forum:
Threatname: JS:Miner-J[TRJ]
URL: https://crypto-loot.com/lib/miner.min.js
Process: C:\....\opera.exe
Detected by: Web Shield
Status: Connection aborted
Sorry it doesn't say what page on GD.net or anything like that.
Thanks. Confirmed it's not coming from the GameDev.net server (via injection), so it's likely an ad network. Only seeing it twice helps support that theory. I'll reach out to Adsense and Amazon (the two ad networks we use).
Well the time I wrote it down was number three and just now it happened again... number four. Oh I should mention I have AVG internet security.
edit - BTW Opera my browser has a built in ad blocker that I disabled for GD.net. Should I enable it and see if AVG stops catching it?
I've sadly seen this on several sites. From what I understand, all of ours have been through ads. Ad companies (including Google AdSense) are fighting the battle but sometimes a scrip that points to a coin miner will slip through.
There are an ever-increasing number of groups injecting bitcoin mining in commonly shared scripts. Ads have been slipping them in for about a year now. Some sites have replaced ads with miners. It is becoming so commonplace I wouldn't even be surprised -- just disappointed -- to see things like jQuery or Google Analytics quietly add a tightly-throttled coin miner to their scripts.
I've also got these in my DNS blocking, they tend to be the common ones in ads:
# Cryptocurrency miners
coin-hive.com
coinhiveproxy.com
jsecoin.com
crypto-loot.com
On 1/5/2018 at 1:11 PM, frob said:I've also got these in my DNS blocking, they tend to be the common ones in ads:
Where do you set this up? Browser, Firewall, Windows DNS config? I would like to do this too.
Probably the easiest is to modify your hosts file. That's a file that lets you hard-code IP addresses. There are other ways to do it, but this is the simplest.
The file is in c:\Windows\System32\Drivers\etc\hosts if you're on windows, and it requires administrator privileges. On Linux and most Unix-based systems it is /etc/hosts.
The file format is the IP address to point to, followed by the domain name. There are two IP addresses that are most easily used, 0.0.0.0 means an unknown target, or you can point them back to your own machine to 127.0.0.0.
So one line to the hosts file may look like this:
0.0.0.0 coin-hive.com
There are many lists out there with bitcoin miner blockers. Add the lines to the end of the hosts file to automatically block them. When programs try to turn the name into an IP address they'll get the line from the hosts file first, blocking their CPU-intensive power-hungry scripts.
Less aggressive tools include adding them to a list in uBlock or Adblock Plus or other script-blocking tools. They're a good idea to use for various reasons, and better script-blocking tools allow you to whitelist sites so you can still support ads to sites you love.
On 1/9/2018 at 8:12 AM, frob said:Probably the easiest is to modify your hosts file. That's a file that lets you hard-code IP addresses. There are other ways to do it, but this is the simplest.
The file is in c:\Windows\System32\Drivers\etc\hosts if you're on windows, and it requires administrator privileges. On Linux and most Unix-based systems it is /etc/hosts.
The file format is the IP address to point to, followed by the domain name. There are two IP addresses that are most easily used, 0.0.0.0 means an unknown target, or you can point them back to your own machine to 127.0.0.0.
So one line to the hosts file may look like this:
0.0.0.0 coin-hive.com
There are many lists out there with bitcoin miner blockers. Add the lines to the end of the hosts file to automatically block them. When programs try to turn the name into an IP address they'll get the line from the hosts file first, blocking their CPU-intensive power-hungry scripts.
Less aggressive tools include adding them to a list in uBlock or Adblock Plus or other script-blocking tools. They're a good idea to use for various reasons, and better script-blocking tools allow you to whitelist sites so you can still support ads to sites you love.
Thanks... I've messed with the hosts file before, but avoid using it for things like this. Settled on an adblock list called NoCoin... it was built in to Opera thats how I learned about it. I had disabled adblocking for gamedev thats why it had got through.
