logo
logo

Scumbags cram Make-A-Wish website with coin-mining malware

avatar
John Salmi
Nov 19, 2018 13:00
img

Do they accept Monero in Hell?

Researchers with Trustwave say the (now clean) WorldWish.org site was compromised via a Drupal exploit and seeded with malicious JavaScript that enlisted the CPU cycles of visitor's machines to covertly generate cryptocurrency.

It seems that the site was using an older version of the Drupal CMS that was vulnerable to CVE-2018-7600, the remote code execution bug known for marketing purposes as "Drupalgeddon 2."

The successful exploit of the vulnerability gives an attacker the current user's access level and, in the case of web servers, this means the ability to access and modify pages.

In the context of a crypto-jacking attack, the compromised page has a short script embedded into it that calls another server to get the actual cryptocoin mining script.

Having been widely reported since May, the Drupal bug is now easy to scan for and target for attack, thanks to readily available exploit scripts.

collect
0
avatar
John Salmi
Nov 19, 2018 13:00
guide
Zupyak is a free content platform for publishing and discovering stories, software and startups.