The Latest Crypto-Jacking and How to Prevent an Attack
Crypto-jacking has become pervasive on the internet. Recently, hackers even hit the Make-A-Wish Foundation website, a charity that offers experiences for children with severe terminal illnesses.
How many people were affected by this hack?
The exact number of people affected is unknown. However, Make-A-Wish did not lose any money in the process, and none of the personal information of the charity’s donors or recipients leaked. It is also not clear how long the CoinImp software was running.
Anyone who visited the Make-A-Wish Foundation website in that timeframe, however, would have had their central processing unit (CPU) put under load without their knowledge. If you were one of those visitors, the mining software overtaxed your CPU but likely did nothing more. That is not an ideal situation, but it left no long-term harm. The extra load lasted only until visitors closed the tab or went to another webpage.
What is crypto-jacking?
Crypto-jacking is the process that allows hackers to use your computer to mine cryptocurrency when you visit a site that is infected. In other words, if you go to an infected website, hackers can use your computer as the device to gain cryptocurrency illegally.
How to prevent a crypto-jacking attack
You can minimize your risk of an attack by following these steps:
- Request a router from your ISP that has managed Wi-Fi, including web browsing security measures.
- Install an ad-blocking or anti-crypto-mining extension onto your web browser.
- Use endpoint protection that is capable of detecting known crypto miners.
- Within a company, train your staff to recognize what a crypto-jacking threat may look like. Incorporate it into your security awareness training, and focus on phishing-type attempts to load scripts onto users’ computers.
How did the Make-A-Wish Foundation hack happen?
A company called Trustwave SpiderLabs performed a scan of infected sites and realized that the Make-A-Wish Foundation was on the list. The hackers didn’t take over the site in any extreme way, but they did gain access.
The Make-A-Wish Foundation website is built on a popular content management system (CMS) called Drupal. In March, Drupal disclosed a critical vulnerability that allowed hackers to inject malicious code into sites. Hundreds of sites fell victim to the bug, which was named Drupalgeddon 2, and roughly 100,000 others were exposed as well.
So, the hackers used the unpatched Drupal bug to insert crypto-mining software called CoinImp onto the site, which forced any visiting computers to mine the cryptocurrency called Monero.
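Site owners can catch an injected script of this kind by auditing their own rendered pages for script tags they did not put there. The following is an added example, not code from the original article or from Trustwave; the allowlisted hosts, the keyword list, the `startMiner` call and the sample HTML are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumptions: hosts this (hypothetical) site is expected to load scripts from,
# and a small keyword heuristic built from terms named in the article.
ALLOWED_SCRIPT_HOSTS = {"www.example.org", "cdn.example.org"}
MINER_KEYWORDS = ("coinimp", "monero", "miner")

class ScriptAuditor(HTMLParser):
    """Flag <script> tags from unlisted hosts or mentioning miner terms."""
    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host
        self.findings = []          # list of (reason, detail) tuples
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        self._in_script = True
        src = dict(attrs).get("src")
        if not src:
            return
        # Relative URLs have no hostname, so they belong to the page's own host.
        host = (urlparse(src).hostname or self.page_host).lower()
        if host not in ALLOWED_SCRIPT_HOSTS:
            self.findings.append(("unlisted-host", src))
        elif any(k in src.lower() for k in MINER_KEYWORDS):
            self.findings.append(("keyword-in-src", src))

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:         # inline script body
            hits = [k for k in MINER_KEYWORDS if k in data.lower()]
            if hits:
                self.findings.append(("keyword-inline", ",".join(hits)))

def audit_page(html, page_host):
    auditor = ScriptAuditor(page_host)
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Constructed sample page: two expected scripts, one injected external, one inline.
SAMPLE_HTML = """<html><head>
<script src="/core/misc/app.js"></script>
<script src="https://cdn.example.org/lib.js"></script>
<script src="https://static.miner-host.example/m.js"></script>
<script>startMiner({coin: "monero", throttle: 0.2});</script>
</head><body></body></html>"""

if __name__ == "__main__":
    for reason, detail in audit_page(SAMPLE_HTML, "www.example.org"):
        print(reason, detail)
```

The allowlist check is the stronger signal of the two, since a keyword match is easy to evade by renaming or obfuscating the script.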
How serious was this crypto-jacking hack?
Those who have a site built on Drupal should stay alert to these crypto-jacking attacks. There has been a patch available for the bug for months. However, some companies and nonprofits can take a while to update their sites for various reasons. For example, they may not have enough IT security capacity to apply it. Regardless, not promptly fixing the problem gives cybercriminals an advantage.
Crypto-jacking is an issue that is on the rise. Cybercriminals are showing that they have very few limits on where they will deploy their attacks. No website on the internet is safe unless its owners stay on top of their patches. Paying attention and being proactive is essential.