L.A. Times Website Injected With Cryptocurrency Mining Script

By   ISBuzz Team
Writer , Information Security Buzz | Feb 26, 2018 11:20 am PST

Following the news that L.A. Times website was injected with Monero cryptocurrency mining script, IT security experts commented below.

Carl Wright, Chief Revenue Officer at AttackIQ:

“Once again, hackers took advantage of a misconfiguration to inject mining script – this time the attackers went after the L.A. Times website. Like other organizations, the fallout from this attack could seriously damaging the site’s reputation, credibility and revenue streams. It’s another all too common tale for organizations– and it could have been avoided. The attack surface has significantly expanded for many enterprises – without any guarantee of uniform security controls and processes. Consequently, it’s even more imperative that organizations assume attackers are constantly testing security controls for misconfigurations. If organizations are not continuously validating their security controls at this stage of the game they are going to end up a headline.  How many more epic failures that could have been prevented will it take before people start testing?  This is seriously getting ridiculous.”

Zohar Alon, Co-Founder and CEO at Dome9:

Zohar Alon“Last year, we saw a spate of breaches where hackers went after valuable data in the public cloud. But data is not the only valuable asset in the cloud. Now we’re starting to see hackers steal compute cycles for crypto mining. By flying under the radar, these illegal mining operations can go undetected for months, racking up the public cloud bill and costing millions.”



Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x