The software attack 'Cryptojacking' reaches hundreds of websites with Drupal
The hackers have injected hundreds of websites that run the Drupal content management system with malicious software used to extract the Monero cryptocurrency.
This latest incident was discovered by Troy Mursch, the security researcher behind the Bad Packets Report website. He wrote on Saturday that more than 300 sites were compromised by hackers who installed the Coinhive browser mining software, which extracts cryptocurrency, exploiting a vulnerability in an outdated version of Drupal's content management system (CMS).
"Cryptojacking", as they are called similar attacks, has become a common problem in recent months. While hackers used to favor rescue attacks, in which they encoded victims 'data and demanded bailouts in Bitcoins or other cryptocurrencies to decrypt them, they now increasingly infect websites with software that takes advantage of visitors' computers to extract cryptocurrencies. on behalf of the attackers. .
Mursch said that although cryptojacking is not as open as ransomware, "it's still a problem, especially for website operators."
He explained:
"This is because Coinhive and other encryption services (malware) are simply made with JavaScript. All modern devices and browsers can run JavaScript, so everyone can extract cryptocurrencies and, unfortunately, Coinhive has been used and abused again and again. ] In this particular case, Drupal users should update as soon as possible. "
The affected sites include the San Diego Zoo, the National Labor Relations Board, the City of Marion, Ohio, the University of Aleppo, the Ringling School of Art and Design and the government of Chihuahua, Mexico. A full list of affected sites is available in this spreadsheet.
It is possible that visitors to affected websites may not realize that their computers are running the cryptographic functions used to generate the Monero for hackers. However, attacks slow down users' computers and can cause wear and tear on computer processors.
However, not all Coinhive users are malicious. Salon, a media outlet and UNICEF use the software to raise funds, but they only execute it with the permission of the visitors.