Was your web site created with Drupal?
You might be a victim of a hijacking by Cryptocurrency Miners!

Cryptocurrency MinersJeremy Kirk of Data Breach Today reports that hundreds of web sites have been hacked and their sites are being used by Cryptocurrency miners at the expense of site performance by driving up CPU utilization for infected sites.


The website for San Diego Zoo is one of hundreds that have fallen victim to Monero miners via a flaw in Drupal code.  A remote code execution vulnerability revealed in late March in the Drupal content management system is now being used on a large scale for mining virtual currency.


The number of websites that have fallen victim to cryptocurrency hijacking attacks now numbers more than 400. Various U.S. government sites, including the National Labor Relations Board and the Office of Inspector General of the U.S. Equal Employment Opportunity Commission, have also been hit.

The code planted on the infected websites “mines” the privacy-focused virtual currency Monero. Mining is the process that virtual currencies use to verify transactions on a blockchain.  When users visit an infected website, their computer begins generating hashes as part of a pooled effort to complete a block for the blockchain.  The mining ends, however, when someone closes the browser tab.  If the blockchain is completed, the hackers are credited with a unit of the Monero cryptocurrency and the web host and the visitor that triggered the mining are non-the-wiser.


Anti-Mining Defenses

There are now extensions that users can employ on the client side to detect and stop virtual currency mining but the responsibility to truly stopping it relies on websites ensuring they’re not infected in the first place.