BSV
$57.57
Vol 36.85m
8.53%
BTC
$98289
Vol 55295.9m
5.86%
BCH
$476.47
Vol 315.52m
10.09%
LTC
$109.85
Vol 827.94m
10.21%
DOGE
$0.33
Vol 3768.96m
9.67%
Getting your Trinity Audio player ready...

Cryptojacking attacks are becoming increasingly prevalent, as scammers exploit vulnerabilities in websites to hack the resources of unsuspecting visitors. This type of scam, which mines cryptocurrency for the hackers in the background, has already affected a number of websites, leveraging cloud-based mining to turn attacks into cash.

Now, it looks as though a new, major wave of cryptojacking attack is underway, specifically targeting websites using the Drupal content management system (CMS).

Security researcher Troy Mursch recently revealed on Bad Packets Report website how hackers have deployed cloud-mining script Coinhive in websites including San Diego Zoo, and Mexico’s Chihuahua government, amongst others. Initial reports uncovered as many as 400 similarly affected sites, including a number of domains operated by universities and government agencies.

In both of the above examples, the script was injected in the “/misc/jquery.once.js?v=1.2” JavaScript library, which researchers extrapolated to identify countless other examples of the hack in action.

Cryptojacking significantly increases CPU usage for website visitors, and can undermine important digital infrastructure—the list of affected government sites as an example in this case. In some cases, because CPU usage is unthrottled, devices can overheat, with 100 percent of their processing power being used up in the mining process.

So what can website administrators do to protect against these threats? Mursch recommended vulnerable websites immediately take steps to protect themselves.

“We’ve seen plenty examples of Drupalgeddon 2 being exploited in the past few weeks,” he wrote. “This is yet another case of miscreants compromising outdated and vulnerable Drupal installations on a large scale. If you’re a website operator using Drupal’s content management system, you need to update to the latest available version ASAP.”

Although the Drupal security already has an FAQ documenting the risk level and mitigation steps, Mursch advised users “to take further remediation steps” because “installing the update won’t retroactively ‘unhack’” the website.

With attacks of this kind likely to become increasingly common, a greater awareness of the risks is required. The development will be concerning for website owners, but serves as a reminder of the importance of using the latest versions of any CMS.

Recommended for you

Google unveils ‘Willow’; Bernstein downplays quantum threat to Bitcoin
Google claims that Willow can eliminate common errors associated with quantum computing, while Bernstein analysts noted that Willow’s 105 qubits...
December 18, 2024
WhatsOnChain adds support for 1Sat Ordinals with new API set
WhatsOnChain now supports the 1Sat Ordinals with a set of APIs in beta testing; with this new development, developers can...
December 13, 2024
Advertisement
Advertisement
Advertisement