Websites Running on Drupal affected by Cryptojacking

Please share and grow the BitPinas community.

Many Drupal-based websites have fallen victim to a new cryptojacking incident.

As uncovered by Bad Packets Report, hackers injected the mining program called Coinhive into around 300 websites running the Drupal software. The injection of the mining software is made possible by the vulnerability found on older versions of Drupal.

Drupal is a content management system that can be used to create websites, among other things.

Coinhive is a software that runs on javascript. When inserted into websites, it will use the website visitors’ computing power to mine the cryptocurrency Monero.

After carefully extracting the relevant information, Bad Packets confirmed that 348 websites are affected by the hacking, all of them running outdated Drupal software. There seems to be no clear target, as the affected websites vary by country and even hosting providers. What’s alarming is that a number of those affected are either government or university websites.

The owners of the infected websites are advised to update to the latest version of Drupal immediately.

Cryptojacking is a new form of hacking wherein a vulnerability is exploited in websites in order to insert code that will use the website visitors’ computing power to mine cryptocurrencies. A lot of times, the provider has been Coinhive, whose mining software runs on javascript, a popular programming language that is found in many websites.

Source: Bad Packets, Coindesk

Please share and grow the BitPinas community.

Join and subscribe to stay up to date

Michael Mislos

A business ad graduate from the Pamantasan ng Lungsod ng Maynila, Mike is the website manager of Bitpinas.com. He is responsible for almost every content you see on the site, from topic/news selection to editing of articles. Mike believes correct information about blockchain and cryptocurrency can empower people to make accurate decisions about the industry, which, in turn, should deter bad actors from taking advantage of crypto & blockchain. [Telegram @mikemislos]

Michael Mislos
shares