Profile picture
Scott Helme @Scott_Helme
, 17 tweets, 6 min read Read on Twitter
Ummm, so yeah, this is *bad*. I just had @phat_hobbit point out that @ICOnews has a cryptominer installed on their site... 😮
It's on all of the pages I've checked so far too:
Confirmed it's not just me seeing this: webpagetest.org/result/180211_…
Ok so this is via a 3rd party compromise, here is the script: browsealoud.com/plus/scripts/b…
Hey @texthelp you've been compromised, you need to address this ASAP. Their site also has the crypto miner running:
It's also on @uscourts!
The Student Loan Company here in the UK:
The General Medical Council:
The NHS is directly affected too:
So many *government* websites in the UK are running a crypto miner *right now*...
Hey @troyhunt, even you're hit down under...
I have a list of over 20 .gov.uk .nhs.uk and .ac.uk domains affected so far. Seems to have hit other government sites too including the US and Australia.
Here's a list of 4,275 sites that are most likely *all* victims: publicwww.com/websites/brows…
These sites have neglected to deploy SRI and CSP, which would have completely mitigated this attack.
For those wondering if sites can protect themselves against a 3rd party compromise like this, the answer is yes, easily. I have articles on CSP and SRI which would protect you:
scotthelme.co.uk/content-securi…
scotthelme.co.uk/subresource-in…
We recently launched our own library for @reporturi and we never want to be an attack vector used against our customers that include our script. To protect our customers we provide script tags with SRI attributes present. report-uri.github.io/report-uri-js-…
see thread.
The Student Loans Company is now back online with the offending script removed:
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Scott Helme
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @Scott_Helme see all

Profile picture
So @Patreon suspended my account.
They did this in secret. They have not notified me.
I simply noticed that they stopped sending me money.
They haven't stopped collecting money though, they're just keeping it. No account notification, no email. I just have this tiny little message hidden in the account section on the site.
What an awful way to treat people. They can still send me their crappy newsletter but letting me know that I've been suspended and my money won't be arriving, right before the holidays, that's some next-level shit.
Read 10 tweets
Profile picture
Here we go again with @MrTrustico: trustico.com/news/2018/digi…
"considers itself to have been unfairly and wrongly maligned"...
"Trustico® never deliberately exposed private keys." 🤔
Read 12 tweets
Profile picture
Yes, it could have been a lot worse...
Read 9 tweets

Related threads

Profile picture
To be fair, "Trump derangement syndrome" is a thing where people blame Trump for innocuous things, things he has no control over, or things that happened equally under Obama. On the other hand, this tweet is itself deranged.
The lesson you should learn for 2019 is how this tweet demonstrates lack of character and insecurity, they way Trump attacks childishly his critics: praising them when they agree with him, turning on them when they don't.
But that should equally apply to Trump. It's unlikely that even he is 100% bad. You should be able to point out things he does well. His recent prison reform was good. His judicial nominations have been all competent. While I don't agree with his tax law, it had needed reforms.
Read 3 tweets
Profile picture
Today the First Nations challenge to #SiteC in BC Supreme Court resumes, asking for an injunction to stop work on the dam until the rest of the Treaty 8 infringement case is decided in court. A critical case for BC. Follow the #SiteC & #SiteCInjunction hashtags this week! #bcpoli
Heading over to 800 Smithe now for 9:45 entry. All are welcome to be in the courtroom - please join us. Latecomers not admitted; proceedings start 10 am sharp. #bcpoli
This final week of the #SiteCinjunction hearing involves lawyers from the Province of BC (we have already heard from @sage_legal on behalf of West Moberly & Prophet River FNs, and BC Hydro's lawyers. #bcpoli #SiteC
Read 238 tweets
Profile picture
Shall we do some Tove Jansson today?

I think we should...
Alice’s Adventure in Wonderland, by Lewis Carroll. Illustrations by Tove Jansson. This is the English reprint, with Jansson's 1966 artwork. Quite magnificent!
Tove Jansson's anti-fascist cover for the Finnish satirical magazine Garm (October 1940). She drew many Garm covers during the war years.
Read 10 tweets
Profile picture
i spent a week reading about the cryptocurrency iota and i'm going to present a brief summary of my conclusions here. note that this was a free-time project for me and does not represent the views of anyone i work for.
0) first, my rules of engagement. i will automatically mute clear astroturfer/bot accounts. i will mute ad hominem attacks. i will ignore empty "do more research" and "read the whitepaper" responses. i may take time to respond but will argue in good faith.
1) above all, the community is toxic. any honest criticism is met with coordinated brigading, which includes attempts to discredit experts' credentials, get them fired, and hack their accounts. i've been very hesitant over whether to share any of my thoughts/findings.
Read 44 tweets
Profile picture
Yeah... it’s kinda the worst to refer someone for a job only to get feedback that they, um, couldn’t name recent books + any the publisher has published 😭😩

Never give anyone an easy reason to say no!
There are like some *really* basic things you should know going into an interview:

Who is interviewing you. Call or email and find out.
...You need to know who they are, their role within the company, and books they’ve edited, etc.
The company. Not just their name (Obvi) but you need to know things like is this particular imprint trying to grow a certain area? Is it an area you have skills in?

Unpopular opinion: it’s OK if you don’t have those specific skills. You need to know that BEFORE the interview
Read 34 tweets
Profile picture
Nationwide boycott of all Sinclair Broadcasting stations and the companies supporting them is in order

Unless you want to see America's local news turn into an engine for @RT_com style propaganda...

#BoycottSinclair #SinclairBroadcasting #Sinclair

This wiki has a list of all the local Sinclair broadcast networks around America for you to boycott..

#BoycottSinclair #SinclairBroadcasting #Sinclair

en.wikipedia.org/wiki/List_of_s…
Also a good idea to file a complaint with the @FCC

#BoycottSinclair #SinclairBroadcasting #Sinclair

consumercomplaints.fcc.gov/hc/en-us
Read 22 tweets

Trending hashtags

#RecordStoreDay2019 #LostHighway #bcopli #site #Ozark #welp #AccidentsWillHappen #no #FloridaSchoolShooting #IndigenousRights #smartcities #ParklandStrong #MeepMeep #bcpoil #cnpoli #SiteC #smartcites #yourewelcome #BelgariadRead #delete #snapekillsdumbledore #MoscowPlaneCrash #MeToo #cdnpoli #MKGA

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!