Cybercriminals injected a significant number of websites running the Drupal content management system with malicious software used to mine the cryptocurrency Monero.
The discovery was made by Troy Mursch, the security researcher of Bad Packets Report.
He posted that over 300 sites have been compromised by hackers who installed the browser mining software Coinhive. This mines the crypto Monero by exploiting a flaw in an outdated version of Drupal CMS.
Cryptojacking became a common issue lately
A while ago, hackers used to prefer ransom attacks in which they would scramble with the victims’ data and demand ransoms in bitcoin or other cryptos in order to decrypt their data, and now they seem to prefer infecting websites with software that harnesses computers to mine cryptocurrency in the attackers’ behalf.
Cryptojacking continues to be a stringent issue, especially for website operators.
— Bad Packets Report (@bad_packets) May 4, 2018
“Yesterday, I was alerted to a cryptojacking campaign affecting the websites of the San Diego Zoo and the government of Chihuahua, Mexico. While these two sites have no relation to each other, they shared a common denominator — they both are using an outdated and vulnerable version of the Drupal content management system,” Mursch began his blog post.
“After I analyzed the IoCs, I was able to locate over 300 additional websites in this cryptojacking campaign. Many discovered were government and university sites from all over the world,” Mursch wrote.
He also offers a few solutions for stoping cryptojacking in your browser, so it’s best to head over to his blog and read the entire post.
It’s important to note that visitors to affected websites may not even be aware of the fact that their computers are running the cryptographic functions that are used to generate Monero for hackers.
The attacks slow the systems, and they are able to cause wear and tear of the CPUs.