Security incident Nov 23rd, 2017

Nov 25, 2017 | 0 comment

BETHLEHEM, PA – LiveHelpNow has identified a cybersecurity incident in which an attacker was able to compromise one of our CDN (content delivery network) servers and amend HelpOut widget JavaScript code to serve what’s known as “Coinhive in-browser cryptocurrency miner” script on websites where HelpOut widget was utilized by our clients.

Incident time: Nov 23rd, 2017 8:49:11 AM EST
Resolution time: Nov 24th, 2017 7:15 AM EST
Number of affected websites: 1,340
Number of affected users: 5,000-10,000
Type of attack: malware

Sites using live chat button, embedded widget or NO-JS type installation were not affected.
Only a very small number of visitors were affected since only one of 68 servers we use for content delivery was compromised.

Q & A

* Any possible exposure of personal details or information?
NONE. This was a crypto currency miner script(JS). Its purpose is to mine crypto currency and not to target theft of personal information.

* What symptoms would a customer experience if they were impacted by the malware? Or how can they tell if they were directly impacted?
High CPU utilization while the web page with the script was open.

* Is there anything the customer needs to do to remove the malware from their system if they were affected?
Refresh or close the web page serving the script.

* Was the issue completely resolved?
Our team has completely resolved the active issue. While no client websites are still experiencing an issue, we are taking additional steps to help prevent this from occurring again and will continue to monitor all activity.

This incident was very unfortunate, especially considering the timing of the event falling on the Thanksgiving Holiday. The attackers’ intent of making a few dollars ended up causing havoc for a lot of innocent customers, businesses and employees.

We thank our loyal clients for their understanding and patience given and our employees for dropping everything (including the turkey leg) to have all hands on deck during the holiday.

For additional questions or concerns please contact help (at) livehelpnow.com or start chat at livehelpnow.net.

LiveHelpNow crew

Comments

Brought to you by LiveHelpNow

Captivate customers and outshine competitors with our easy to use, hard to resist customer service software suite.

Learn more

Get knowledge to your inbox

Sign up and be first to know about our blog posts!

About the author

Michael Kansky

CTO at LiveHelpNow, LLC
Temple University , Computer science
15 years of software engineering experience

Connect with me on +Michael Kansky

Do you like our posts? You might also like our product.

Give LiveHelpNow Help Desk Software a go free for 30 days.

WAITING IS FOR LOBBIES AND BUS STOPS.

Questions?