More than 300 Websites Hacked in Large Cryptojacking Campaign
A security researcher of the website Bad Packets has uncovered a large cryptojacking campaign targeting vulnerable Drupal websites.
On Saturday May 5, the researcher by name Troy Mursch revealed that hackers were using a mining software called Coinhive to steal data from organizations running applications which have Drupal content management systems. Coinhive is used for mining XMR by exploiting the vulnerability in an outdated version of the Drupal content management system. More than 300 web-based applications have reportedly been hacked so far.
In the recent months, ‘Cryptojacking’ has been a serious problem in the cyber world. The term ‘Cryptojacking’ referred to as a form of cybercrime in which a hacker hijacks and uses the victim’s computing and processing power used to mine cryptocurrency on the hacker’s need.
The hackers are reportedly demanding ransom from the victims in the form of Bitcoin or any other cryptocurrency to decrypt the hacked data. The Hackers would steal and scramble the information which they have found from the victims’ web-based applications and other areas where the injection has been executed.
Troy Mursch has published the names of the affected websites which includes the websites of the San Diego Zoo, the National Labor Relations Board, the City of Marion, Ohio, the University of Aleppo, the Ringling College of Art and Design and the government of Chihuahua, Mexico and many more.
While visiting these hacked websites, one may not even understand or notice that their base computers are performing different types cryptographic processes which are used to mine XMR for the hackers.
Coinhive miner is a web-based application used for mining cryptocurrencies like XMR. However, it has been employed by hackers to steal data from websites running the application. In November last year, the miner was ranked as the 6th most common malware in the world.
Join Us On Telegram