Die Kryptoszene ist auch für ihre Schnelllebigkeit bekannt – neue Blockchain-Projekte sprießen wie Pilze aus dem Boden, andere Sterne am Kryptohimmel verglühen genauso schnell, wie sie aufgegangen sind. In unserer Reihe „Was ist eigentlich aus … geworden?“ wollen wir uns in regelmäßigen Abständen mit Projekten befassen, um die es in der letzten Zeit etwas ruhiger…Der Beitrag erschien zuerst auf .
Cryptojacking, the novel hacking process which inflicts a victim’s computer with code to mine cryptocurrency, is evidently on the rise as hackers have targeted hundreds of popular websites with fraudulent software to mine the fungible digital coin .
“Cryptojacking” A Sophisticated Crime
In 2018 alone, thousands of users have fallen victim to malicious cryptojacking code. Surprisingly, it is not from accessing a “shady” website that causes users to be “cryptojacked,” as hackers are using sophisticated methods, such as masking and mimicking popular websites to trap undoubting users.
The latest incident was unearthed by Bad Packets Report’s researcher Troy Mursch, who on May 5, 2018, that more than 300 websites have been targets of cryptojacking.
Once again, the infamous browser mining software Coinhive was compromised and used by hackers to mine the cryptocurrency , by exploiting an “outdated and vulnerable version” of a content management software.
According to the post, Mursch was notified about the “crypto-hacked” websites of the government of Chihuahua, Mexico, and San Diego Zoo, after which the cyber-security sprung into action.
found on the website of the San Diego Zoo () in the latest high-profile case of .
— Bad Packets Report (@bad_packets)
During his investigation, Mursch observed a similar code in the JavaScript libraries of the affected websites. The code, contained in “/misc/jquery.once.js?v=1.2,” revealed the attacker’s Coinhive domain, where Mursch discovered a changed version of the popular mining software.
(Source: )
Later on, by reverse checking the suspected domain address on IP-checker site , Mursch was able to find out the associated email address of the hackers, which was then used to check the world wide web using all common denominators as search parameters.
Looking at the historical DNS records on we find was recently involved in Monero (XMR) mining operations. So it seems fitting to continue the trend with today's cryptojacking incident using .
— Bad Packets Report (@bad_packets)
Affected sites include the City of Marion, Ohio, the University of Aleppo, and the National Labor Relations Board, Mexico. The full list of affected sites can be accessed on this .
Attacks Possible Due to Coinhive’s JS Usage
Mursch believes that the root cause of Coinhive being the center of a majority of cryptojacking attacks is due to its use of a JavaScript-based program, that is easy to inflict.
Speaking to CoinDesk, Mursch :
“This is because Coinhive and other cryptojacking services (malware) are simply done with JavaScript. Every modern browser and device can run JavaScript, so as such, everybody can mine cryptocurrency and unfortunately Coinhive has been used and abused time and time again. [In] this particular case, Drupal users need to update [as soon as possible].”
An increasingly common cyber-nuisance, hackers have employed a number of ways to extract money. Amongst them are, as previously by BTCManager, sensitive data to a cryptocurrency-only ransom, and on YouTube Ads to inflict computers.
The post appeared first on .
Blockchain startup Brickblock has raised €5 million in its Series A funding round. Led by Finch Capital, the funding will be used to accelerate BrickBlock’s ambition to “revolutionize the way real-world assets are bought and traded,” Brickblock’s CEO and co-founder Jakob Drzazga said. Following the investment, the Gibraltar-headquartered startup has appointed Radboud Vlaar, partner of […]
The post appeared first on .
