Websites Running on Drupal affected by Cryptojacking

Many Drupal-based websites have fallen victim to a new cryptojacking incident.

As uncovered by Bad Packets Report, hackers injected the mining program called Coinhive into around 300 websites running the Drupal software. The injection of the mining software is made possible by the vulnerability found on older versions of Drupal.

Drupal is a content management system that can be used to create websites, among other things.

Coinhive is a software that runs on javascript. When inserted into websites, it will use the website visitors’ computing power to mine the cryptocurrency Monero.

After carefully extracting the relevant information, Bad Packets confirmed that 348 websites are affected by the hacking, all of them running outdated Drupal software. There seems to be no clear target, as the affected websites vary by country and even hosting providers. What’s alarming is that a number of those affected are either government or university websites.

The owners of the infected websites are advised to update to the latest version of Drupal immediately.

Cryptojacking is a new form of hacking wherein a vulnerability is exploited in websites in order to insert code that will use the website visitors’ computing power to mine cryptocurrencies. A lot of times, the provider has been Coinhive, whose mining software runs on javascript, a popular programming language that is found in many websites.

Source: Bad Packets, Coindesk