“Researchers from C/Side have reported more than 3,500 sites infected with Monero’s mining scripts. Currently, harmful software does not steal cryptocurrency of users directly, however, attackers can add a purse theft function in the future. The main threat, according to experts, is for server owners and web -making applications that become a source of hidden profit for hackers. The group uses old infrastructure for […]”, – WRITE: Businessua.com.ua
Researchers from C/Side have reported more than 3,500 sites infected with Monero’s mining scripts.
Currently harmful software does not steal cryptocurrency of users directly, However, intruders can add a purse theft function in the future. The main threat, according to experts, is for server owners and web -making applications that become a source of hidden profit for hackers.
The group uses the old infrastructure for Magecart attacks, which provide for the placement of malicious code on the pages of payment for theft of financial information. The attackers probably have access to thousands of broken sites on WordPress and online stores.
“Miner’s implantation was a trivial task, they just added another script to load a hidden [коду JavaScript]Using existing access, ”the researchers said in a comment for Decrypt.
The peculiarity of this campaign is its invisibility. The scripts do not cause a splash on the CPU, but work through Webassembly with power limit and connection via WebSocket. This allows them to avoid the detection of traditional methods.
Recall that in May, the total capitalization of the sector of anonymous cryptocurrencies for the first time since the beginning of the year has exceeded $ 10 billion.
The gun
Please wait …