
A cryptocurrency miner hidden in a favicon.ico – Welcome to 2018 - lobo_tuerto
https://twitter.com/xbs/status/963796410100604929
======
ronancremin
Tweet author here. Note at _all_ of the responses from the site had a
cryptomining script added, presumably due to a compromised machine. Our
firewall just happened to notice the favicon first. So the favicon thing is
just a coincidence and the browsers don't actually run the code in them (I
checked this).

Tweet gives wrong picture, but only noticed afterwards when people replied.
The site _was_ mining Coinhive, but it wasn't the favicon that caused it.

[https://twitter.com/xbs/status/964117597708079104](https://twitter.com/xbs/status/964117597708079104)

------
noureen
That's probably worse than Meltdown & Spectre combined (even though unrelated)

