Hundreds of Municipal Websites Have Been Attacked by Hackers

A hacker attack exposed hundreds of websites that used the content management system Drupal. This was carried out by the cybercriminals in order to mine the Monero cryptocurrency. Most of the affected resources belonged to different government bodies. The information was provided by the expert on cybersecurity Bad Packets Report, Troy Mursch.

Hackers attacked about 400 sites by installing Coinhive software on the browser for mining the cryptocurrency Monero. The digital currency was mined due to vulnerabilities that were present in some versions of Drupal.

Mursch assures that theft of this nature does not have a particularly harmful effect, unlike “extortionist viruses”. However, in spite of Mursch’s opinion, “cryptojacking” is still an unsolved problem for operators of hacked websites.

“It’s all because Coinhive and other cryptographic software just use JavaScript. All modern browsers and devices support JavaScript, so they can all be used for cryptocurrency mining and, unfortunately, the Coinhive program continues to be misused time after time. In this particular case, Drupal users need to update their software as soon as possible,” Mursch told CoinDesk.

The victim list includes the San Diego Zoo, the National Labor Relations Council, the Marion Administration, the University of Aleppo, the Ringling College of Fine Arts and Design, the government of the Mexican city of Chihuahua and others. A special list has been created for acquaintance with all the victims.

The most horrible thing is that hacking computers and devices for mining Monero is completely unnoticeable for users of the pages. If you’re lucky, it’s possible to notice that productivity has slowed down due to cryptographic processes. However, if you do not do it, this may cause the CPU to wear out and overheat.

We want to point out that the Coinhive software is used not only for hacking. For example, UNICEF uses the program to conduct charitable events.

Subscribe to The Coin Shark news in Twitter: