On 6th December 2017, FortiGuard Labs discovered a compromised website - acenespargc[.]com. Looking into the source code, we noticed a suspicious encrypted script which the uses eval() function to convert all the characters into numbers. We used a tool called CharCode Translator to reverse the numbers back into characters. We were then able to retrieve a link which redirects to a scam page or phishing website.
Part 1
Part 2
The above is just a simple example. The threat actor can actually…
Article Link: https://blog.fortinet.com/2018/02/07/the-growing-trend-of-coin-miner-javascript-infection