Security News > 2021 > April > Coinhive domain repurposed to warn visitors of hacked sites, routers
Two years later, CoinHive is still injected on sites.
From the analysis of the sites referring traffic to the Coinhive domains, Hunt stated that CoinHive scripts are still injected mostly from China and Russia websites.
Today, Hunt revealed that he is now redirecting the coinhive.com domain to his new blog post about Coinhive at TroyHunt.com.
While Hunt uses the Coinhive domains for good purposes, such as warning a site's visitors of the injected scripts, his use of the Coinhive domains illustrates how bad actors could use abandoned domains to inject scripts into unsuspecting visitor's browsers.