Join our community of 10 000 traders on Hacked.com for just $39 per month.
Cryptojacking has been one of the most significant security threat researchers have been facing ever since cryptocurrencies took off last year. Mining requires computational power, and in return, miners are awarded a small amount of cryptocurrency. With cryptojacking, hackers infect machines and secretly use them to mine cryptocurrencies.
According to a report by the UK’s National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) titled The Cyber Threat to UK Business,“Cryptojacking will likely become a regular source of revenue for website owners.” In February this year, Tesla’s website was hacked to mine Monero.
Some website owners have implemented cryptojacking as a source of revenue for them. However, hackers have been targeting websites with inadequate security to implement cryptojacking. In these cases, both the website owner and the users do not know the existence of the malicious code.
According to a new report published by Bad Packets, more than 300 websites have been affected by cryptojacking malware due to a vulnerability in an outdated version of Drupal which is a content management system similar to WordPress. Initially, they were notified of cryptojacking on the websites of San Diego Zoo and the government of Chihuahua. On cross-referencing the two sites, the only common link was that both sites used an outdated version of Drupal.
#Coinhive found on the website of the San Diego Zoo (@sandiegozoo) in the latest high-profile case of #cryptojacking. pic.twitter.com/B3rd2Q5uVA
— Bad Packets Report (@bad_packets) May 4, 2018
Coinhive was used in these sites to mine Monero. Coinhive is a JavaScript-based miner which can be implemented easily and runs on the browser as long as the site is open. Also, since it mines Monero which is a privacy-focused coin, it is hard to trace them.
Similar story here — #Coinhive injected via the same #JavaScript library (jquery.once.js?v=1.2) pointing to http://vuuwd[.]com/t.js
Also an outdated #Drupal installation. pic.twitter.com/fXv2sBsIVB
— Bad Packets Report (@bad_packets) May 5, 2018
Once they knew what they were looking for, they scanned the internet and found more than 350 affected websites that were affected by the bug. A lot of these websites were educational institutions and government organizations. Also, most of the affected websites were within the United States.
JavaScript was used to inject the malicious code on the affected websites and the malware only seems to affect sites that use an outdated version of Drupal. The security bug has been patched and if you are still running a site that uses an outdated version of Drupal, now would be a good time to upgrade.
Featured image from Shutterstock.
Follow us on Telegram.
Advertisement