According to a report from a cybersecurity company Trustwave, the global non-profit organization, Make-A-Wish Foundation was recently infected with a crypto jacking malware.
The Illicit Act
Just like the Monero mining software CoinHive, the CoinImp also used the computing power of the website visitors to mine the digital currency.
The report further mentioned that the CoinImp script contaminated the organization’s website via a domain called drupal updates. After further investigation, it showed that the domain was linked to a campaign that exploited Drupalgeddon 2 in the wild since May this year.
While the campaign was updated multiple times since May, several website owners did not update their particular Drupal version with the timely updates. This permitted the crypto jackers to use their websites for mining cryptocurrency.
However, the cybersecurity firm uses dynamic web analysis to detect risks, these particular techniques are pointless against it.
The researchers further noted that the Drupalgeddon 2 is not just an attacking vector which cyber fraudsters utilize to infect the websites with Cryptojacking malware. The Cryptojacking occurrence is so widely spread that it is hard to discover whether a site owner added the mining code or the site is infected with malware.
The Researchers said that the firm reportedly tried to contact the Make-A-Wish Foundation to report about their website was infected with Cryptojacking malware. But the officials of the foundation did not respond to them.
According to the report, the crypto jacking malware was removed as soon as the cybersecurity firm attempted to reach the foundation.
The Growing Crypto Mining Attacks and the preventive ways
As per the information obtained from Bloomberg, the crypto mining attacks have increased up to 500 percent just in this year. In Early November, Trend Micro, the Japanese global cybersecurity firm detected a new strain of cryptocurrency mining malware that targets PCs running Linux.
The researcher lab and internet security service provider McAfee Labs released a new Monero-mining called WebCobra which is reportedly originated from Russia.