Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Monday November 19 2018, @04:06PM   Printer-friendly
from the I-know-what-kind-of-wish-*I*-would-make dept.

Make-A-Wish Website Crammed with Coin-Mining Malware:

Researchers with Trustwave say the (now clean) WorldWish.org site was compromised via a Drupal exploit and seeded with malicious JavaScript that enlisted the CPU cycles of visitor's machines to covertly generate cryptocurrency.

It seems that the site was using an older version of the Drupal CMS that was vulnerable to CVE-2018-7600, the remote code execution bug known for marketing purposes as "Drupalgeddon 2." The successful exploit of the vulnerability gives an attacker the current user's access level and, in the case of web servers, this means the ability to access and modify pages.

In the context of a crypto-jacking attack, the compromised page has a short script embedded into it that calls another server to get the actual cryptocoin mining script. That server can also be obfuscated by changing its address or bouncing the connection off other servers. When a user visits the infected page, the mining script is called and the user's machine is used to generate cryptocurrency for the attacker.

Having been widely reported since May, the Drupal bug is now easy to scan for and target for attack, thanks to readily available exploit scripts. This means anyone from novice cybercriminals to large, organized groups could be behind the attack.

[...] "For all we know this is one poor administrator trying to handle an international website with a lot of users," Sigler explained.

"We have seen time and time again where security gets overlooked."

Protecting against the attack is easy enough: Make sure Drupal (and all other web server apps) are updated and fully patched. Admins should also keep a close eye on any changes or unusual activity on their pages that could signal an attack.

What kind of person would compromise a site that grants wishes to dying youngsters?


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Funny) by ikanreed on Monday November 19 2018, @04:53PM

    by ikanreed (3164) Subscriber Badge on Monday November 19 2018, @04:53PM (#763915) Journal

    You know, my neighbors weren't happy about when I made a similar "lock your upper story windows" argument.

    Starting Score:    1  point
    Moderation   +4  
       Funny=3, Touché=1, Total=4
    Extra 'Funny' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5