As cryptocurrency and blockchain technology is evolving and gaining more fame, everyone has started focusing on the crypto game. Lately, I have been reading about how video streaming and torrent websites using some kind of script to mine cryptocurrencies as monetization.But I never though hackers could also use it by putting the script on other's website and earn money until I got to see it myself.
Yesterday I found out that one of my WordPress websites was hacked as Kaspersky Antivirus denied to open my in any browser saying it contained some kind of serious malware threat.
Below was the screenshot of Kaspersky Alert Message on browsers.
I wasn't familiar with this error since this has happened first time with me. Then I tried running Sucuri Website scanner and it detected some threats as malware.cryptominer.1 as in image.
Sucuri detected plenty of pages with
malware.cryptominer.1. I didn't have any idea about this malware since I didn't hear about it before. So looked up Sucuri's malware DB and learned that it's a same old WordPress brute force attacks with new variations.
As per Sacuri's Description:
Website contains a script that among other things injects a Coinhive JavaScript miner into browsers of the site visitors.
The script is typically injected into the footer section of web pages. It hides from search engine bots and changes frequently. The main decoded part looks like a fake base64-encoded image
As WordPress is the most popular CMS and blogging platform, it is always the number one target for hackers.But now they are taking it to a new level with the growing blockchain technology and cryptocurrency. And a new platform called Coinhive comes to be a mighty angel for them.If you don't know yet, Cognitive is a platform which offers a JavaScript miner for the Monero cryptocurrency that anyone can embed in his website and to mine Monero from visitor's CPU power.And hacker's are using the same javascript miner from Coinhive to mine cryptocurrency for them.
What they do here is they hack the website(in my case WordPress) and insert the miner code from coinhive somewhere inside your core files to mine crypto for them. Running some further scans I noticed suspecious codes inside Jeckpack Plugin. I was using pretty much older version of jetpack and updating this solved the problem for me right now but I am not sure whether it's permanet.
PS: At least keep your Wordpre,Themes and Plugin Up to Date.
Posted on Utopian.io - Rewarding Open Source Contributors
Thank you for your contribution.
While this is great info, it cannot be approved yet as blog posts are required to be well structured, formatted, and have a recurring pattern. See the Utopian Rules. Please edit your contribution to reapply for approval.
You may edit your post here, as shown below:
You can contact us on Discord.
[utopian-moderator]
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Thanks for the warning @katteasis!
Resteemed for some more visibility.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
thanks :)
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
No problem!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Learn more about malware.cryptominer here - https://secure.wphackedhelp.com/blog/remove-coinhive-malware/
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
You are an excellent teacher . Thank you ver much for the share
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Thats one important alert.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Remember, that you need to reply to a moderator's comment after you're done editing your post. You're running out of time on this one, as the post is approaching 7 days.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Thanks for letting me know, but I haven't edited it since I thought to leave it as it is.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Hey @katteasis. I don't know if we have time on this one, but I could help with the blog format in the future. Just hit me up on Discord if you like. :)
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I think it's too late for now. Will surely buzz you next time. Thanks a lot :)
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Sure thing @katteasis. Glad to help if I can.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Your contribution is rejected due to reasons given by @mcfarhat.
You can contact us on Discord.
[utopian-moderator]
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit