Security breach: hackers inject Monero miners on hundreds of WordPress sites

The websites which use the popular WordPress hosting were under a massive attack yesterday. Hackers tried to get the administrator credentials by simply entering passwords they thought can work, and in case of success, injected Monero mining viruses in them.

One of the security teams which was the monitoring the whole attack initially thought the hackers used the recent leak of passwords found on torrent portals, but then they realized these two events have no connection. What is even worse, infected websites not only mine Monero, but also participate in further hacks, which can be called a snowball effect. The company directly responsible for the security of WordPress, Wordfence, told it became much easier to understand the attack once of their clients owning a site that became infected agreed to provide control over it.

Mining virus is a relatively new way for hackers to get cryptocurrency by infecting computers and enslaving their system to mine coins, which greatly damages the performance. In-browser mining is more progressive - hackers get access to the site structure and inject a malicious code which makes the site visitors mine cryptocoins for hackers as long as they view any site page.

Observers note that Monero, despite its recent successful attempts to improve reputation, remains one of the favourite hacker tools and that the quantity of Coinhive-related attacks corresponds with the price growth: