WoT – Potential Security Breach


On the German section of the forum, player Flax78 posted something interesting.

I have received a cool message from my firewall today. Apparently someone tried to attack my PC through the CEF_BROWSER_PROCESS.EXE. The IP was from the Ukraine.


Summary of the above: the IP tried to attack named Web Attack: JSCoinminer Download 6, which tried to open the URL search . linkmyc . com/ js/ timeCounter . js?v=20171102 (cut up so you don’t click it like a dingbat). The attack was done through \DEVICE\HARDDISKVOLUME4\GAMES\WORLD_OF_TANKS\RES\CEF\CEF_BROWSER_PROCESS.EXE

The link above is a Javascript to run a bitcoin miner through coinhive. The process in question is the Chromium Embedded Framework, the thing that makes the ingame browser work (you can see all the announcements thanks to this). Is there perhaps some kind of mass attack going on, and is the CEF in WoT vulnerable, and Ukrainian h4x0rz want to mine bitcoins on your PCs? There is no conclusive evidence, but tread carefully, and install a firewall (or at least update Windows Defender definitions or something)