Cybersecurity firm Trustwave has reported a case of cryptojacking malware stealing the computing power of visitors to the Make-A-Wish Foundation’s website.
Hackers have infected the website of global non-profit organization the Make-A-Wish Foundation with cryptojacking malware, according to a report by cybersecurity firm Trustwave posted Nov. 19.
According to Trustwave researchers, crypto jackers managed to incorporate a JavaScript (JS) miner CoinImp into the domain worldwish.org in order to illicitly mine privacy-focused cryptocurrency Monero (XMR). Similarly to the notorious Monero mining software CoinHive, CoinIMP has reportedly been using the computing power of website visitors to mine cryptocurrency.
Per the report, the CoinImp script infected the website through the drupalupdates.tk domain, which is associated with another campaign that exploited a critical Drupal vulnerability to compromise websites since May 2018.
The researchers noted that the recently detected campaign deployed a number of techniques to evade detection, including alterations of its already obfuscated domain name, as well as different domains and IPs in a WebSocket proxy.
Trustwave reportedly contacted Make-A-Wish in order to report the cryptojacking attack, but the foundation did not respond. However, the malicious injected script was eventually removed shortly after Trustwave attempted to reach the foundation, according to the report.
According to data acquired by Bloomberg, scales of cryptocurrency mining attacks have surged up to 500 percent in 2018. Recently, Internet security provider and research lab McAfee Labs uncovered a new Monero-mining malware called WebCobra that allegedly originates from Russia.
Earlier in November, Japanese global cybersecurity company Trend Micro detected a new strain of crypto-mining malware targeting PCs running Linux.
Source: , CoinTelegraph
Articles listed with Cash Tech News as the author are either general information, or may have been imported from another website, to bring our readers a rich media experience that encompasses articles that we find interesting, as well as those curated by others.
The views and opinions expressed here are for informational purposes only, and should not be confused with professional financial advice. These opinions are solely those of the author and do not necessarily reflect the views of CashTechNews.com. Every investment and trade involves risk. You should conduct your own research, and contact your professional financial advisor before making any investment.
Corrections, feedback, and ideas should be submitted through the website contact form.