Monday, November 19, 2018

Make-A-Wish Foundation Website Hacked For Mining Cryptocurrency

Hackers have been stealing CPU-cycles from visitors to the Make-A-Wish Foundation’s international website since March in order to mine for Monero cryptocurrency. Researchers said they found the CoinIMP mining script embedded in the non-profit’s website, and that it was taking advantage of the Drupalgeddon 2 vulnerability.
Trustwave researchers discovered the cryptominer on the Make-A-Wish International’s websiteand said it had been active since mid-October. Make-A-Wish International is the global arm of the US-based Make-A-Wish Foundation.

The CoinIMP miner is JavaScript based and is often used by unsavory individuals who secretly embed the code into websites and use it to mine Monero currency on a site visitor’s phone, tablet or computer

No comments:

Post a Comment