A Cybersecurity firm Trustware has reported on Monday, hackers have added CryptoJacking Malware on a Non-profit Organisation Make-A-Wish website.
As per the report, the domain worldwish.org was compromised because the hackers had altered and added a javascript malware Coinlmp into their website. This malware was used to mine Monero(XMR). When users visit worldwish.org the Coinlmp will use their computing power to mine Monero(XMR).
Coinlmp is similar to the other javascript miner CoinHive. Recently we heard several Cryptojacking cases where we had seen hackers used CoinHive.
This all occurred when a researcher from Trustware returned from vacation and noticed CoinImp detection on a “.org” domain.
The researcher added in the report,
[ctt template=”7″ link=”110Ki” via=”yes” ]We see many domains including “.org” & “.gov” being compromised and having Cryptojacking scripts injected into them on a daily basis.[/ctt]
After this, Trustware sent an alert to worldwish.org reporting the Malware on their website. But they didn’t respond and after some time the malicious miner was removed from the website.
Mid of this month we had seen a new type of malware has been detected which is targeting Linux users. This is also a Cryptojacking malware which is being used to mine cryptocurrency by stealing CPU power.
This shows us how Cryptojacking is becoming a trend for hackers to steal resources and mine cryptocurrencies. But to be on the safer side there are some plugins for browsers which can detect if a website is running Crypto miner. So you can find a plugin called “No Coin” for your browser and install it. This will block if there are any miners on a website.
Let me know in comments below if you know any other methods to stop crypto miners.