Hackers have infected the Make-A-Wish Foundation global nonprofit organization with cryptographic malware, according to a report from the cyber security company Trustwave, published on November 19th.
According to Trustwave researchers, crypto-jackers have managed to incorporate a CoinImp JavaScript (JS) token in the worldwish.org domain in order to undermine the privacy-centric Monero cryptocurrency (XMR). Like the infamous mining software Monero, CoinHive, CoinIMP would have used the computing power of visitors to the website to extract the cryptocurrency.
According to the report, the CoinImp script has infected the website through the drupalupdates.tk domain, which is associated with another campaign that exploited a critical Drupal vulnerability to compromise Web sites since May 2018.
The researchers noted that the recently detected campaign implemented a number of techniques to circumvent detection, including alterations to its already obfuscated domain name, as well as several domains and IPs in a WebSocket proxy.
Trustwave reported that he contacted Make-A-Wish to report the cryptojacking attack, but the foundation did not respond. However, the malicious injected script was removed after Trustwave attempted to reach the foundation, according to the report.
According to data acquired by Bloomberg, the stocks of mining cryptocurrency attacks increased up to 500% in 2018. Recently, the lab and Internet research lab McAfee Labs has discovered a new malware of monero mining called WebCobra that allegedly comes from Russia.
Previously, in November, Trend Micro detected a new crypto-mining malware strain for PCs with Linux.
[ad_2]Source link