Children’s Foundation Website Infected with Crypto Mining Malware

Nov 26, 2018 at 20:00 Update Date :Nov 26, 2018 at 20:00 UTC

The Make-A-Wish Foundation website has been infected with the cryptojacking malware, Says the weekly reports of security firm Trustwave.

Criminals in the cyber world have reached to the roots of education system when they targeted the site of one of the world’s most popular foundations of children Make-A-Wish and infected the Make-A-Wish website with their crypto mining malware.

As per the recent reports, the CoinImp crypto mining script has been installed into the website of Make-A-Wish foundation, where it is used to compute the power of Make-A-Wish website visitors’ to mine crypto for the scammers.

Vulnerability in the Website

Make-A-Wish, a foundation with a website build on famous open-source content management system called Drupal. The firm Drupal has previously been stated that there is vulnerability in their software which allows hackers to install any malicious code into sites which don’t incorporate with the security patch. The older versions of Drupal with Remote Code Execution (RCE) vulnerability, have affected more than 1 Lakh websites.

The researchers at Trustwave think that the website of Make-A-Wish Foundation might have suffered from the same vulnerability. The foundation, however, has removed the infected malicious script from the website.

Cryptojacking is the process where the malicious code gets installed into the computer of users without their knowledge. As per the reports of Citrix, the malware has affected around 59% of the companies of the United Kingdom.

Cryptojacking in India

Cryptojacking is considered a big danger in India. Around 300,000 routers in India and Brazil have been affected with the crypto mining malware. According to the stats of The Economic Times (ET), the websites of the Indian government have not been substituted from this phenomenon. Various Indian portals have been affected by the cryptojacking risk.

As per a security researcher reported by The Economic Times, the websites of the country’s government is a target due to high traffic; as it is a trusted source of information for the users.

He said:

“Earlier, we saw a lot of government websites getting defaced (hacked). Now, injecting cryptojackers is more fashionable as the hacker can make money.”

The malware increases the power consumption of the owner and thus leads to more headache and unexpected bill.

Leave a Reply

Please Login to comment
Notify of