Make-A-Wish Foundation is the latest victim of crypto-jacking malware

20 Nov, 2018
by Richard Allen
News
Make-A-Wish Foundation is the latest victim of crypto-jacking malware

Hacking Elon Musk and Target's Twitter account is one thing, but embedding cryptocurrency mining malware on a charity’s website is something else entirely. The Hard Fork reports that Make-A-Wish Foundation’s official website is the latest to fall prey to crypto-jackers.

Researchers from Trustwave detected that one of the Foundation’s websites, worldwish.org, had been compromised by a generic mining script known as CoinImp. The script hijacks the user’s computing power to mine cryptocurrencies.

According to the researchers, the website was vulnerable because the owner’s hadn’t updated Drupal’s content management system.

Trustwave has reported that the malicious script has since been removed from the website.

The frequency of crypto-jacking websites has been on the rise over the last year, with seemingly no website off limits. according to the Hard Fork, hackers have been able to exploit up to 400 major websites as a result of outdated Drupal versions, including the US National Labor Relations Board, Chinese tech company Lenovo, Taiwanese network hardware manufacturer D-Link, and the University of California.

A September report by McAfee Labs indicates that roughly 2.5 million new cases of crypto mining malware have cropped up in the first half of 2018 alone.

Follow Chepicap now on Twitter, Telegram, and Facebook!

Add a comment

Check out the latest news

You will be logged out and redirected to the homepage