Warning: New Malicious JS Using CSRF Exploit via PMs on Agora
Posted by: DeepDotWeb
June 11, 2015
Several users of Agora Marketplace have reported receiving a message through their PM system today that, when opened, contains a malicious JavaScript exploit that attempts to drain the Bitcoins from their wallets.

In order for the exploit to work:
- The user has to have an active session open with Agora
- Must have JS enabled
- See an unknown link and be dumb enough to click on it while having JS enabled.
 
Solution: Don’t do any of the above. Especially if you are a vendor. And hopefully Agora will fix their CSRF vulnerability at some point (it has been known for quite a while now).
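
The preconditions above describe a request that succeeds only because the browser attaches the logged-in session automatically. As an added example (not Agora's code and not part of the original post; the site origin, form field names and function names are hypothetical), this is the kind of server-side check that refuses such a request: a session-bound CSRF token plus an Origin check on every state-changing POST.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

SERVER_KEY = secrets.token_bytes(32)    # per-deployment secret (constructed)
SITE_ORIGIN = "https://market.example"  # hypothetical site origin


def issue_csrf_token(session_id: str) -> str:
    """Token bound to one session; the site embeds it in its own forms."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def same_origin(headers: dict) -> bool:
    """True only if Origin (or, failing that, Referer) names the site itself."""
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False  # fail closed when the browser sent neither header
    parts = urlsplit(source)
    return f"{parts.scheme}://{parts.netloc}" == SITE_ORIGIN


def authorize_withdrawal(session_id, headers: dict, form: dict) -> tuple:
    """Decide whether a state-changing POST may proceed."""
    if session_id is None:
        return (False, "no session")
    if not same_origin(headers):
        return (False, "cross-site request")
    expected = issue_csrf_token(session_id).encode()
    supplied = form.get("csrf_token", "").encode()
    if not hmac.compare_digest(expected, supplied):  # constant-time compare
        return (False, "bad csrf token")
    return (True, "ok")


if __name__ == "__main__":
    sid = "sess-123"  # constructed session id
    # Form served by the site itself: carries the token and the site's Origin.
    own_form = {"amount": "0.5", "csrf_token": issue_csrf_token(sid)}
    print(authorize_withdrawal(sid, {"Origin": SITE_ORIGIN}, own_form))
    # Request triggered from elsewhere: the session cookie rides along,
    # but there is no token and the Origin is foreign.
    print(authorize_withdrawal(sid, {"Origin": "https://other.example"},
                               {"amount": "0.5"}))
```

With this check in place, an active session alone no longer authorizes a withdrawal.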
Updated: 2015-06-11