Crypto Mining Malware Infects Make-A-Wish-Foundation Website

Cyber criminals seem to have reached a new low, as they have targeted the site of one of the most popular children’s foundations in the world and infected it with crypto mining malware.

Who would have thought that out of desperation, cybercriminals would even not spare children’s foundation website. Researchers from security firm Trustwave In a published report said that cybercriminals injected crypto mining script into the Make-A-Wish Foundation website. This script used the computing power of visitor’s to mine cryptocurrencies for the hackers.

The website was built on Drupal, which is a popular open-source content management system. Earlier Drupal had announced that there is a vulnerability in their software that allowed hackers to inject malicious code into specific sites that had not incorporated their security patch. Just this spring, the Drupalgeddon 2 bug, a Remote Code Execution (RCE) vulnerability in older versions of Drupal, affected over 100,000 sites.

Researchers at Trustwave believe the Make-A-Wish Foundation website might have been compromised through the same vulnerability. The foundation subsequently identified and removed the malicious script in question.

The use of the malicious code is what makes Cryptojacking work, and it involves forcing other computer users to mine cryptocurrencies without their knowledge. This is an epic transformation for internet users.

A crypto jacking malware had hit at least 59% of UK companies at some point, as revealed by Citrix earlier this year. With over 300,000 routers in Brazil and India, crypto jacking is a menace in these places. According to ET News, Indian government websites had not been spared from this phenomenon, stating that widely trusted Indian portals had been exploited by the crypto jacking menace.

According to a security researcher quoted by ET, government websites were targeted due to the high number of online visitors and the trust these visitors have when they visit them.

“Earlier, we saw a lot of government websites getting defaced (hacked). Now, injecting crypto jackers is more fashionable as the hacker can make money.”

Internet security provider McAfee Labs weighed in on the epidemic last week, warning users of a new crypto jacking malware called “WebCobra,” which it said can operate without a trace on a victim’s computer.