Coinhive has been hacked by cybercriminals who have obfuscated Coinhive’s shortlinks to perform in-browser mining according to researchers at Malwarebytes.
Chris Olson, CEO at The Media Trust:
“Cryptomining malware has unseated ransomware as malware perpetrators’ top weapon of choice, mainly because it is lucrative and hard to detect. The sizable cryptomining malware “ring” recently uncovered shows the growing sophistication and scale of cryptojacking campaigns. To prevent their websites from being commandeered for drive-by mining, website operators need to do three things: (1) flag known malicious domains and Coin-hive related source code and shut them down once detected; (2) continuously scan their sites’ network activity and keep a close watch for any unauthorized obfuscated JavaScript code delivered by their sites to identify and terminate unknown threats; and (3) work closely with third party website support providers to strengthen each other’s security posture, so none of them will be compromised. The final point is key, because no organization today can defend itself singlehandedly in today’s foreboding malware landscape.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.