Home | News | Sucuri Security News | RawGit CDN is Abused by CryptoLoot Cryptominers

RawGit CDN is Abused by CryptoLoot Cryptominers

RawGit CDN is Abused by CryptoLoot Cryptominers

Recently, we came across another way to use files from GitHub repositories in malware infections.

This time the infections weren’t via GitHub.io, raw.githubusercontent.com, or github.com///raw/ URLs. The new trick involved a third-party service called RawGit that provides a CDN for GitHub files.

This is the script that we found injected into .js and theme files on infected Drupal and WordPress sites.

Some of the infections were clearly buggy.

Continue reading RawGit CDN is Abused by CryptoLoot Cryptominers at Sucuri Blog.

https://blog.sucuri.net/?fwp_blog_categories=wordpress-security

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.