‘Cryptojacking’ Software Infect more than 300 Websites

5136 Total Views

‘Cryptojacking’ Software Attack Hits more than Three Hundred Websites

Hackers have attacked hundreds of websites running the DrupalĀ  Content Management System with Malicious Software used to mine the digital currency monero.

Troy Mursch revealed this latest incident. According to reports, he wrote on Saturday that the hackers had attacked more than 300 websites who have installed the browser mining software Coinhive, which mine digital currency monero, by misusing a vulnerability in an old version of the Drupal content management system (CMS).

“Cryptojacking,” as similar attacks are called, has turned into a common problem as of late. The hackers used to favor ransom attacks in which they would scramble data and demand ransoms in bitcoin and another digital currency to decrypt it. They now frequently affect websites with software that harnesses visitors computer to mine digital currency on the attacker’s behalf.

Troy Mursch told that while cryptojacking is not as apparent as ransomware, “continues to be a problem – especially for website operators.”

He described:

“This is because Coinhive and other cryptojacking services (malware) are simply done with JavaScript. Every modern browser and a device can run JavaScript, so as such, everybody can mine digital currency and unfortunately Coinhive has been used and abused time and time again. In this particular case, Drupal users need to update as soon as possible.”

Infected websites include the City of Marion, the University of Aleppo, the San Diego Zoo, the National Labor Relations Board, the Ringling College of Art and Design and the government of Chihuahua, Mexico. An entire list of affected websites is available in this Spreadsheet.

Users to affected sites may not even notice that their computers are running the cryptographic function used to create monero for the hackers. The attacks slow users computer down and however can cause wear and tear on computer’s processors.

Not all Coinhive users are malicious, though. Salon, a news outlet, and UNICEF use the software to raise funds although only run it with visitors’ consent.

Nishanth Shetty

Nishanth Shetty is a technical writer, author and a crypto-advisor working at Cryptofame. Based in the city of dreams, Mumbai, on the west coast of India. He holds a bachelors degrees from Mangalore University. Nishanth has a myriad experience of technical writings for tech brands. His interests include technology, travel, and food.