Advertisement

Earlier this year, Forbes reported that crypto jacking is now the world’s most popular cyberthreat after displacing ransomware from the top spot. Apparently, the threat is now so prevalent that hackers are indiscriminate when it comes to their target. Their latest victim is the Make-A-Wish Foundation, a charitable organization which aims to fulfill the wishes of children who are diagnosed with critical illnesses.

Crypto Mining Script Found on Make-A-Wish Site

Researchers from TrustWave Holdings, an information security company based in Chicago, Illinois, discovered that one of Make-A-Wish’s sites was infected with crypto jacking malware. In a company post, the security firm revealed that https://worldwish.org/en, one of the foundation’s sites, was compromised with a crypto mining script called CoinImp.

Advertisement

Further investigation by the cybersecurity firm showed that the domain used to host the mining script is “drupalupdates.tk.” This suggests that the incident is part of the long-running hacker campaign since May 2018 that exploited vulnerabilities in the Drupalgeddon 2.

Drupalgeddon 2 Vulnerability

The vulnerability of Drupalgeddon 2 was already revealed as early as March this year, according to ZDNet. While patches have been released since May to address this issue, many Drupal site owners failed to promptly update their Drupal website manager (CMS) allowing hackers to infect their systems with the CoinImp malware.

Trustwave noted that the hacker’s campaign uses different techniques making the intrusion hard to detect with static detection methods such as changing the domain name that hosts the JavaScript miner. The security firm said that systems using dynamic web analysis such as its Trustwave SWG would have revealed the malware.

Cyberjacking is a form of cyber-attack where hackers install crypto mining software into a device without its owners knowing about it. Once a device is infected, it will then start mining cryptocurrencies for the hackers without alerting the device’s owner. This form of cyber attack started to gain popularity last year when crypto prices skyrocketed with the 2017 rally, which made mining a very lucrative activity.

Follow us on Telegram | Twitter | Facebook

Advertisement
Featured Image from Shutterstock.

Blokt is a leading independent cryptocurrency news outlet that maintains the highest possible professional and ethical journalistic standards.