website " www.root.ir " have not miner code , but when open it . cpu usage is very high.
after close website"tab" , cpu usage back to normaly " low "
any AV can not detected it .
Regards ,
Amir
Answer
i think this site have miner code
+37Best answer by durantash
Hello,
We can confirm this site is using a javascript based miner to utilize 100% of CPU. We have reported it to our web threat team and the site will be blocked.
Regards,
Webroot Business Support
We can confirm this site is using a javascript based miner to utilize 100% of CPU. We have reported it to our web threat team and the site will be blocked.
Regards,
Webroot Business Support
Security Softwares & Antivirus Business & Market Analyzer * Write near 5000 Topics about AntiVirus on my Blog ( Persian Language ) : www.disna.ir ( more than 500 topics about Webroot ) * Do you know Where is Durantash ? my profile picture is part of Durantash ( Ziggurat , Chogha Zanbil )
Hi durantash
From what I can see from a reputation lookup that looks unlike given the following result returned:
Reputation:88
This is a well known site with strong security practices, and rarely exhibits characteristics that expose the user to security risks. There is a very low probability that the user will be exposed to malicious links or payloads.
You may want to do a check by another means but as I said given the above...unlikely...regardless of CPU usage spikes, etc.
Regards, Baldrick
From what I can see from a reputation lookup that looks unlike given the following result returned:
URL lookup information
URL:www.root.irCategory & ConfidencePersonal Sites and Blogs: 93%Reputation:88
This is a well known site with strong security practices, and rarely exhibits characteristics that expose the user to security risks. There is a very low probability that the user will be exposed to malicious links or payloads.
You may want to do a check by another means but as I said given the above...unlikely...regardless of CPU usage spikes, etc.
Regards, Baldrick
Webroot SecureAnywhere Complete Beta Tester v9.0.24.49, imaged by Macrium Reflect v7.2
+37interesting .
i view website source and can not find any coin miner code .
i view website source and can not find any coin miner code .
Security Softwares & Antivirus Business & Market Analyzer * Write near 5000 Topics about AntiVirus on my Blog ( Persian Language ) : www.disna.ir ( more than 500 topics about Webroot ) * Do you know Where is Durantash ? my profile picture is part of Durantash ( Ziggurat , Chogha Zanbil )
Just because an advert is pushed out by a site does not mean that it will be also nefariously pushing mining-related code...that smacks of paranoia in the extreme.
I have also gone to the site and turned off my ad blockers...and absolutely no spike as far as I can see.
Suspect a 'storm in a tea cup'.
I have also gone to the site and turned off my ad blockers...and absolutely no spike as far as I can see.
Suspect a 'storm in a tea cup'.
Webroot SecureAnywhere Complete Beta Tester v9.0.24.49, imaged by Macrium Reflect v7.2
+63Both BrightCloud and VirusTotal say the site is safe! https://www.virustotal.com/en/url/8c43449368af83309575818baa7313f992c5c1f8947a3b4e582e7369a9303602/analysis/
Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
+37Hello,
We can confirm this site is using a javascript based miner to utilize 100% of CPU. We have reported it to our web threat team and the site will be blocked.
Regards,
Webroot Business Support
We can confirm this site is using a javascript based miner to utilize 100% of CPU. We have reported it to our web threat team and the site will be blocked.
Regards,
Webroot Business Support
Security Softwares & Antivirus Business & Market Analyzer * Write near 5000 Topics about AntiVirus on my Blog ( Persian Language ) : www.disna.ir ( more than 500 topics about Webroot ) * Do you know Where is Durantash ? my profile picture is part of Durantash ( Ziggurat , Chogha Zanbil )
Thank you @durantash for finding and reporting that website. Kudo's. 😉
Mac Mini, M-4, 24 GB Memory, 1 TB SSD, macOS Sequoia 15.7.2 ~ Backup with: Time Machine & iCloud. PWM: RoboForm. 👁¿👁 Spam Annihilater 👁¿👁
+63We can confirm this site is using a javascript based miner to utilize 100% of CPU. We have reported it to our web threat team and the site will be blocked.
Regards,
Webroot Business Support
Thanks! Very odd though but good to know and see this: https://sitecheck.sucuri.net/results/www.root.ir
Click on Picture to see full size!
Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
+37Thank you
i ask about can brightCloud automatically Blocked websites are this Method for coin mine ?
maybe we need making new Method for detect threats ? with more speedy .
Regards ,
Amir
i ask about can brightCloud automatically Blocked websites are this Method for coin mine ?
maybe we need making new Method for detect threats ? with more speedy .
Regards ,
Amir
Security Softwares & Antivirus Business & Market Analyzer * Write near 5000 Topics about AntiVirus on my Blog ( Persian Language ) : www.disna.ir ( more than 500 topics about Webroot ) * Do you know Where is Durantash ? my profile picture is part of Durantash ( Ziggurat , Chogha Zanbil )
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.