cool hit counter Hackers harass Etherscan, the ethereum browser_Intefrankly

Hackers harass Etherscan, the ethereum browser

On Monday, Etherscan, the Etherscan browser, posted an official statement on social media reddit announcing the discovery of a number of random Javascript-based warning messages flooding the Etherscan browser's website, all containing the "1337" field. This is clearly the work of a hacker. The hacker wrote these warnings into the comment field of the Ether block via the third-party commenting tool Disqus (shown below).

Etherscan says the system is currently working fine except for this issue.

Some Etherscan users immediately informed Etherscan when they discovered this, and officials then shut down Disqus' commenting feature and installed a patch to fix the "un-escaped javascript exploits" found in the head of the comment field.

Upon further investigation, Etherscan found three attempts by the hacker to insert the message "1337" into the comment field of the block. The first attempt may not have been malicious, but the next two were clearly attempted. What's more, hackers have attempted to implant the Web3 Javascript API, but fortunately this attempt was stopped in time by Ethersan's backend.

In a statement, the Etherscan team said there is no need to panic, fear or doubt about Disqus. The only thing affected by this incident is the commenting feature; the Disqus API is all safe for now. A Disqus developer suggested changing "raw_message" to "message" in the code, and the suggestion was immediately accepted.

Some users have asked if the funds are safe, Etherscan said that all funds are safe and an official detailed report will be released soon to explain the situation to everyone.

One user also worried that the harassment incident might be a prelude to some big conspiracy, as usually hackers will test the system by attacking it on a trial basis to test its performance before launching a big attack, and in the process launch a big attack in one fell swoop once they find a bigger vulnerability. I hope this is brought to official attention and vigilance.

Reference link:

1、Whats Google PR up to these days an AI scientist actually accused of sexual harassment
2、Passthrough content platforms both incentives and the competitiveness of the product itself matter
3、Asian SciFi Drama Era Begins as Ketton Creates AI MegaProduction Perfect Core Robots
4、Cybersecurity Awareness Video Chaplin beware of being duped
5、Tencents Tinker Bell lands at CES with mysterious AI plans to be unveiled

    已推荐到看一看 和朋友分享想法
    最多200字,当前共 发送