Drupal breach leads to mining virus infection of over 300 websites
New reports coming from cybersecurity expert Troy Mursch tell that the content management system called Drupal had been compromised so seriously that it had led to the infection of hundreds of websites controlled with it. Most infection cases include CoinHive, a mechanism which allows in-browser mining via the PCs of the sites’ viewers. Mined funds are transferred to criminals.
The list of victims includes the official sites of cities, trade unions, universities and even Mexican government branches. Due to the high range of suffered organizations, the breach is likely to be fixed in the coming weeks.
The CoinHive mechanism has been described on Bitnewstoday in the past, apparently, it is widely used due to its simple structure and easy means of installation. However, it’s not inherently bad: for example, a news website has found a way to deal with ad blockers by openly using it. One can see a separate report on this theme.
The Drupal breach has also been used by the authors of another mining virus which is much more sophisticated than regular CoinHive-using programs. The malicious set of tools can infect both servers and sites they manage, efficiently setting up a vast source of income for miscreants.
Image courtesy of Alvin Kasiban / Manila Bulletin