(UPDATE – 5PM): Tuneprotect.com is also affected by a similar cryptocurrency mining breach.
ORIGINAL STORY – 329PM:
AirAsia BIG Prepaid’s site appears to have been taken down after it was discovered to be hosting a Coinhive script. Coinhive is a script that allows sites to “borrow” CPU power from visiting computers to mine Monero cryptocurrency; and was first brought into the limelight after a trial on The Pirate Bay torrent tracker.
The issue was first noticed when anti-virus systems began flagging the site for distributing Coinhive scripts. It’s unknown how long this has been going on, but it is unlikely to have gone on for long. Coinhive draws a lot of CPU cycles and slows performance; as we noted when we attempted to load the AirAsia page without the protection of anti-virus systems or an Adblocker.
Coinhive touts itself as an alternative to serving advertisements, allowing sites to earn income without having deal with clients. It goes without saying that this is usually targeted at sites that deal with content that most advertisers would rather not be associated with.
Still, it’s not necessarily a bad thing. Users on The Pirate Bay were largely supportive of the trial run when it was first discovered. Those that were upset pointed out that it had more to do with the fact that it was done without informing visitors of the situation.
Mining Monero is also seen as a beneficial. Unlike Bitcoin, the cryptocurrency can actually be bought offline for cash. Allowing targeted customers to become more liquid in their funding.
AirAsia is not the only legitimate service to have been discovered serving Coinhive scripts. American broadcaster CBS was found to be doing the same thing through its Showtime website last week.
Giving credit where it is due, AirAsia shut down its BIG Prepaid site within two hours of being alerted to the situation. It’s currently unknown how the script managed to be uploaded to the site. The company has not made an official statement on the matter either, but we don’t expect anything this soon.
(UPDATE – 427PM):
AirAsia has tweeted that the site appears to have been compromised. The company has a team trying to correct the problem, but details about what happened are currently non-existent.
The tweet was somehow deleted shortly after but nevertheless, we have screenshot of tweet right here:
(UPDATE – 648PM):
AirAsia has finally released an official statement regarding this issue although it is quite short:
AirAsia BIG Prepaid became aware of the presence of cryptocurrency mining script Coinhive on bigprepaid.com at 2.19pm today.
All affected pages have since been taken offline pending a detailed investigation.
We would like to reassure BIG Prepaid users that no personal data was compromised, and we sincerely apologise for any inconvenience caused.
The statement might not be much but rest assured, AirAsia BIG Prepaid customers should be able to utilize the site once again very soon.