On Saturday 5th may 2018, Hackers have stolen data from organizations by targeting web-based applications which have Drupal content management system [CMS] with malicious software which is used to mine the cryptocurrency Monero [XMR].
This crime was brought to light by a Security Researcher of the website Bad Packets Report called Troy Mursch. Out of his research, he has found that more than three hundred web-based applications were hacked.
A mining software called Coinhive is used by the hackers, which was installed on the browser. Coinhive is used for mining XMR by exploiting the vulnerability in an outdated version of the Drupal content management system.
In the recent months, ‘Cryptojacking’ has been a serious problem in the cyber world. The term ‘Cryptojacking’ referred to as a form of cybercrime in which a hacker hijacks and uses the victim’s computing and processing power used to mine cryptocurrency on the hacker’s need.
The hackers are now demanding ransom from the victims in the form of Bitcoin or any other cryptocurrency to decrypt the hacked data. The Hackers would steal and scramble the information which they have found from the victims’ web-based applications and other areas where the injection has been executed.
Hackers are now increasingly infecting various websites with software which has the ability to harness visitors’ computers so that they can mine cryptocurrency on hacker’s behalf.
Troy Mursch has mentioned the names of the websites which were hacked, the list has around three hundred names including the websites of the San Diego Zoo, the National Labor Relations Board, the City of Marion, Ohio, the University of Aleppo, the Ringling College of Art and Design and the government of Chihuahua, Mexico and many more.
While visiting these hacked websites, one may not even understand or notice that their base computers are performing different types cryptographic processes which are used to mine XMR for the hackers.
‘Coinhive’ is just an application which is used to mine cryptocurrency like XMR, it is just been misused by hackers to their advantage. UNICEF uses Coinhive to raise funds, but only runs it with the permission of the user.