coincentral-main-menu-search-eyeglass
Hamburger X.

Hundreds of Websites Infected with Coinhive Software, Visitors Mine Monero Unawares

hacker

Coinhive Cryptojacking Infects Hundreds

More than 300 websites that use the Drupal content management system were infected with Coinhive, a JavaScript software used to remotely mine Monero through a website visitor’s browser. Among others, the afflicted websites were those for the San Diego Zoo, the government of Chihuahua, Mexico, UCLA, Lenovo, and the U.S. Equal Employment Opportunity Commission. You can find a comprehensive list of affected websites here.

As of May 8, Coinhive has terminated the site key used to infect the websites and the cryptojacking campaign has since subsided.

Troy Mursch, security researcher at Bad Packets, unearthed the widespread infestation. He first found evidence of the cryptojacking on the San Diego Zoo’s website, discovering a trace of the same JavaScript library (jquery.once.js?v=1.2) embedded in the Chihuahuan government’s website code, as well. Mursch followed this breadcrumb trail back to vuuwd.com, the domain used to inject the malware.

After further investigation, Mursch found that the same domain and the Coinhive site key, KNqo4Celu2Z8VWMM0zfRmeJHIl75wMx6, were used to infect a total of 348 websites. To pair down his search, Mursch used proprietary tools developed by Dan Snider and PublicWWW.com, “a source code search engine that allows you to quickly locate potentially affected websites,” he told CoinCentral.

“Given that Coinhive is just JavaScript (that you’ll find in the source code of websites), PublicWWW is an excellent resource” for snuffing out the software, he continued.

All of the affected sites were running the same vulnerable versions of Drupal’s content management system. As such, Mursch implores entities and websites that run Drupal’s system to update to a more robust option immediately.

Cryptojacking, as it’s been branded, the act of infecting websites with mining malware to permisionlessly use visitors’ computing power to mine cryptocurrencies, has become an increasing topic of cyber security concern. Coinhive, which has been deployed for consensual browser mining by the likes of Salon and UNICEF for charity, specifically mines Monero and has been the go-to for hackers looking to make a quick buck.

While “the number of sites using Coinhive has declined somewhat since [last year],” Mursch tells us, he and the Bad Packets team “still find Coinhive being utilized in cryptojacking campaigns as we see with this one targeting vulnerable Drupal sites.”

It can be difficult to tell if a computer has been infected by Coinhive or a related mining malware, but a sluggish operating system and spikes in your computer’s processing power can be sure signs.  Downstream fixes can come in the forms of virus scans and wiping your computer of malicious software, but as a preventative measure, you can download the minerBlock browser extension for Chrome to reinforce your computer against cryptojacking attempts.

You can find Troy Mursch’s original report on the findings here.

 

NEWSLETTER

Newsletter (Sidebar)

  • This field is for validation purposes and should be left unchanged.

RELATED ARTICLES

mining

Mining the Future of Money: Building a GPU Mining Rig

Mining the Future of Money: But First, Context This article is a guide for those curious about one of the most fundamental mechanisms in the world of cryptocurrencies. Before I get too deep, I always feel like providing the proper…

Read More
Litecoin Cash

What is Litecoin Cash (LCC)? | A Beginners Guide

What is Litecoin Cash (LCC)? Litecoin Cash (LCC) is a Litecoin fork that has a higher max supply, runs the SHA256 mining algorithm, and has better difficulty adjustment. Forks, forks everywhere. 2017 was a record year for cryptocurrency forks. There…

Read More
Internet of Things

Internet of Things (IoT) and Blockchain – What Are the Possibilities?

Many people speculate as to whether the Internet of Things (IoT) and blockchain technologies will reinforce each other, or end up crashing hard.

Read More

NEXT ARTICLE

Getting Started Gold Bars.

NEXT ARTICLE

Internet of Things (IoT) and Blockchain – What Are the Possibilities?

Many people speculate as to whether the Internet of Things (IoT) and blockchain technologies will reinforce each other, or end up crashing hard.

ABOUT THE AUTHOR

Getting Started Gold Bars.

ABOUT THE AUTHOR

Colin is a freelance writer and crypto-enthusiast based in Nashville, TN. When he’s not speculating crypto futures, he’s probably letting his hair down and/or heading to a music festival–because stereotypes exist for a reason.