Is share.pluso.ru stealing cookies?

A

Arthur Grand2015-07-03 10:16:18

JavaScript

Arthur Grand, 2015-07-03 10:16:18

Found suspicious actions after installing the pluso widget
in the head, a couple of scripts are added
kitbit.net/kb.js
t.insigit.com/assets/dct.js
the second reception is obfuscated and mentions cookies.
Are thousands of sites infected?

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

E

evnuh, 2015-07-03
@evnuh

Yes. On Habré there was more than one article on this topic. They steal cookies, soapboxes, phones, overwrite cookies, etc. In principle, what else to expect when you insert js code from third parties on your domain? It's like letting Tajiks into an apartment to wash the windows, knowing only the phone number of their chief, and go on vacation.

R

Roman Terekhin, 2015-07-03
@RomaZveR

For several years already :)
And there were scandals and investigations.
The owners of the service do not disdain to earn money like this.

B

Bogdan Gerasimenko, 2017-03-05
@Kleindberg

I found advice to put instead of pluso, which deals with such dirty tricks, sharing from Yandex. Doesn't he do that?

A

Andrew, 2016-05-22
@dasty

Wow! And I put them on all my sites!! Well in the console drew attention to a suspicious script.