
Thread: Can't connect to loads of websites + CoinHive Trojan

  1. #1
    =assassin=

    Can't connect to loads of websites + CoinHive Trojan

    Hi, I've tried on both the Windows 7 PCs I have, and neither can connect to places like Google, Bing, Yahoo, Reddit and probably others. In Firefox I get "Did Not Connect: Potential Security Issue" and in Internet Explorer I get "There is a problem with this website's security certificate".

    I also appear to have a trojan called coinhive.a or something, and it keeps coming back :/

    Any help much appreciated.

  2. #2
    peterb

    Can you connect to any sites using the IP address?

    Coinhive is a server side cryptocurrency miner (uses your PC to mine on behalf of the site owner!). It’s not something I’m familiar with; a quick search indicates that it can be a problem - if you can get to Google, there is lots of info available.

  4. #3
    AGTDenton

    A couple of basic things you can do:

    Perform ipconfig /all in command prompt and see what your DNS settings are.
    Also perform a tracert in command prompt to google.com and look up those IP addresses.

    Sounds like the DNS servers or your hosts file might be pointing you to nasty sites...


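
The check suggested in the post above, as an added example that is not part of any poster's message: it parses saved `ipconfig /all` output for DNS servers you did not set yourself and scans the hosts file for entries that pin well-known domains. The sample text, addresses and function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed `ipconfig /all` excerpt; addresses are documentation/private ranges.
SAMPLE_IPCONFIG = """\
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""
# Constructed hosts file (C:\Windows\System32\drivers\etc\hosts on Windows).
SAMPLE_HOSTS = """\
127.0.0.1       localhost
198.51.100.7    www.google.com google.com   # constructed rogue entry
"""
DNS_FIELD = re.compile(r"^\s*DNS Servers[ .]*:\s*(\S+)")

def dns_servers(ipconfig_text):
    """Every DNS server in `ipconfig /all` output, including continuation lines."""
    found, in_dns = [], False
    for line in ipconfig_text.splitlines():
        m = DNS_FIELD.match(line)
        if m:
            found.append(m.group(1))
            in_dns = True
        elif in_dns and line.strip() and " : " not in line:
            found.append(line.strip())  # extra servers sit alone on indented lines
        else:
            in_dns = False
    return found

def unexpected_dns(ipconfig_text, expected):
    """DNS servers that are not ones you configured yourself."""
    allowed = {ipaddress.ip_address(a) for a in expected}
    return [s for s in dns_servers(ipconfig_text)
            if ipaddress.ip_address(s.split("%")[0]) not in allowed]

def hosts_overrides(hosts_text, watched):
    """(name, address) pairs where the hosts file pins a watched domain."""
    hits = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        hits += [(n.lower(), fields[0]) for n in fields[1:]
                 if any(n.lower() == d or n.lower().endswith("." + d) for d in watched)]
    return hits

if __name__ == "__main__":
    print(unexpected_dns(SAMPLE_IPCONFIG, {"192.168.1.1"}), hosts_overrides(SAMPLE_HOSTS, {"google.com"}))
```

If `ipconfig` lists only the router's own address as DNS server, the PC side looks clean even when the router's upstream DNS has been changed, so the DNS settings in the router's admin page have to be checked as well.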

  6. #4
    =assassin=

    Cheers for the replies guys, had a nightmare with it - eventually discovered that it had changed my router's DNS Servers to some Chinese ones or something. I further discovered that my other PC which my Dad uses had the Kovter Trojan, and he admitted that he saw a Firefox Update popup that he clicked on, which was probably fake, and it must have started from there. I've run multiple checks on my own PC, and since changing the DNS Servers back to the ones I had before, it seems *touches wood* fine. But I will have to triple check my Dad's PC as Kovter sounds particularly nasty....

  7. #5
    AGTDenton

    Quote, originally posted by =assassin=:
    Cheers for the replies guys, had a nightmare with it - eventually discovered that it had changed my router's DNS Servers to some Chinese ones or something. I further discovered that my other PC which my Dad uses had the Kovter Trojan, and he admitted that he saw a Firefox Update popup that he clicked on, which was probably fake, and it must have started from there. I've run multiple checks on my own PC, and since changing the DNS Servers back to the ones I had before, it seems *touches wood* fine. But I will have to triple check my Dad's PC as Kovter sounds particularly nasty....

    Probably worth considering disabling UPnP, something I've done since its inception.
    You just have to be prepared for NAT issues on gaming (if you game).



  9. #6
    Zak33

    Use this for a double check -

    https://www.trendmicro.com/en_gb/for...housecall.html

    Download the right one (32bit/64bit) and run it.
    I keep the icon on my PC and use it to scan regularly.


  11. #7
    badass

    Quote, originally posted by =assassin=:
    Cheers for the replies guys, had a nightmare with it - eventually discovered that it had changed my router's DNS Servers to some Chinese ones or something. I

    The source of infection could well be your router's shocking security https://www.helpnetsecurity.com/2019...s-iot-devices/

    Check for updated firmware. Look up the model in Google with the search term "vulnerabilities".

    This has been a known problem in the industry for a couple of decades. Still the consumer router manufacturers create insecure junk.
