Issue metadata
Sign in to add a comment
|
Security: Hmining.mobi running through chrome os/linux/MacOS and sucks GPU
Reported by
russ7t...@gmail.com,
May 5 2016
|
||||||||||||||||||
Issue descriptionThis template is ONLY for reporting security bugs. If you are reporting a Download Protection Bypass bug, please use the "Security - Download Protection" template. For all other reports, please use a different template. Please see the following link for instructions on filing security bugs: http://www.chromium.org/Home/chromium-security/reporting-security-bugs VULNERABILITY DETAILS There is a one-click download for Unix/C++ systems, such as macOS that is able to bypass sandboxing adn modify GPU settings and devote 60% of the GPU to data mining, password cracking, and more brute-force type attacks. Also redirects all search queries to Yahoo.com, regardless of the preferences set VERSION Chrome Version: [50.0.2661.94] + [stable] Operating System: [Macintosh OS X 10.10.3] REPRODUCTION CASE Filename as URL: Hmining.mobi
,
May 6 2016
The URL that redirects you if you have the virus is hmining.mobi, if not then it is error 404
,
May 6 2016
Do you mean that you have some malware installed, and it is sending you to Hmining.mobi?
,
May 6 2016
No it is an exploit that bypasses security checks by embedding itself in legitimate apps and then adding itself to chrome to suck up GPU power via hidden plist file... It uses the GPU to brute force stuff. I can't find the source code, looking through the deep web now
,
May 6 2016
Hmining.mobi may also be yahoo sponsored due to it also redirecting you to yahoo search
,
May 7 2016
What do you mean by "embedding itself in legitimate apps"?
,
May 7 2016
Thank you for providing more feedback. Adding requester "felt@chromium.org" for another review and adding "Needs-Review" label for tracking. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
May 7 2016
The legitimate apps are downloads such as Wine(Windows emulator??) that come from an unofficial sever. Also, Oceanofgames could also have this in their Mac games.
,
May 7 2016
Thank you for taking the time to report this. It sounds like these downloads have malware inside of them. If you come across a download like that again, can you please go to https://www.google.com/safebrowsing/report_badware/ and enter the URL of the website that is serving the download?
,
Aug 14 2016
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Oct 1 2016
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Oct 2 2016
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Oct 2 2016
|
|||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||
Comment 1 by f...@chromium.org
, May 6 2016