Test ID:	1.3.6.1.4.1.25623.1.0.108334
Category:	Malware
Title:	Coinhive JavaScript Miner Detection
Summary:	This script reports if a web page of the remote host contains code from the; Coinhive JavaScript Miner.
Description:	Summary: This script reports if a web page of the remote host contains code from the Coinhive JavaScript Miner. Vulnerability Insight: While the Coinhive JavaScript Miner might be deployed legitimately, it is often used by attackers for malicious purposes to consume unauthorized resources of a client browsing a web site. This script reports results of rudimentary checks for the following strings embedded into any web page of the remote host: - CoinHive.Anonymous - CoinHive.User - CoinHive.Token NOTE: There are various obfuscation technologies available to hide such JavaScript from the scanner, thus the mentioned 'rudimentary checks' above. NOTE2: No vulnerability is reported if the Coinhive JavaScript is loaded from the authedmine.com domain. This JavaScript code only run after an explicit opt-in / agreement from the user. Vulnerability Impact: If the Coinhive JavaScript Miner is started without a configured OptOut possibility for the client, unauthorized resources of this client will be used. Solution: Inspect all reported web pages / URLs if the Coinhive JavaScript Miner was deployed legitimately and remove it if not. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.