It was reported last Tuesday that the website of one of Netherlands largest supermarket chain loaded an in-browser cryptocurrency miner on its visitor’s computer using a cookie consent popup script.
Dutch security researcher Willem de Groot found that the website of Albert Heijn had an infected file named “cookiescript.min.js” that came from cookiescript.info, a website that provides the cookie consent service. He discovered that the block of code generated by the service contained a Monero miner called Crypto-Loot.
Although the admins of cookiescript.info have already removed the hidden miner, De Groot says that there are around 243 websites still deploying the malicious script.
Source: Bleeping Computer