Make-A-Wish-Foundation Website Injected with Crypto Mining Malware
Cyber thieves have targeted the site of one of the most popular children’s foundations in the world and infected it with crypto mining malware.
Researchers from security firm Trustwave reported that a CoinImp crypto mining script was injected into the Make-A-Wish Foundation website and that this script used the computing the power of visitor’s to mine cryptocurrencies for the hackers.
The Make-A-Wish Foundation site was built on Drupal and earlier this year, Drupal announced that there had been a vulnerability in their software that allowed hackers to inject malicious code into specific sites that had not incorporated their security patch.
Trustwave researchers believe the Make-A-Wish Foundation website might have been fallen in through the same vulnerability. The foundation subsequently identified and removed the malicious script in question.
Cryptojacking, which involves the use of malicious code to force other computer users to mine cryptocurrencies without their knowledge, has become a near-epidemic for internet users.