Hacker hijack CoinHive DNS to dig virtual money with thousands of websites
When you heard about ransomware Bad Rabbit, did you think that was the worst thing that the security has recently received? No, here it is.
When you heard about ransomware Bad Rabbit, did you think that was the worst thing that the security has recently received? No, here it is.
CoinHive, a web service that allows the website to embed JavaCript to take advantage of the CPU of Monero peach site visitors, has been hacked. An unidentified hacker has hijacked Coinhive's CloudFlare account, allowing editing DNS servers and replacing Coinhive's JavaScript code being embedded into thousands of websites with an infected version.
https: // coin-hive [.] com / lib / coinhive.min.js
Get the password from the data leak
Hacker reused passwords leaked from the Kickstarter leak in 2014. DNS records for coinhive.com were modified to redirect requests to coinhive.min.js to another server containing the malicious version of the JavaScript file. Thousands of pages using Coinhive's script were tricked for at least 6 hours when downloading the Monero island code for hackers.
Your website may be digging money for strangers
Coinhive received attention after the world's largest torrent download site, The Pirate Bay, was discovered using a virtual money digging tool on its browser. Since then, thousands of other websites have also started using Coinhive to utilize the visitor's CPU and dig virtual money as another way to make money.
How many Coinhive words are earned in the pocket of hackers
Even hackers use Coinhive to check money from websites they hacked by silently injecting the script. Now the company is looking for ways to compensate for losses caused by this case.
How to prevent websites from exploiting your CPU to dig virtual money
Many anti-virus software, including Malwarebytes and Kaspersky, started blocking the script to prevent the user's computer CPU from being exploited to dig virtual money.
You can also install open source browser utilities like No Coin or minerBlock to block virtual money digging tools like Coinhive.
See also: How to block websites using your CPU to dig virtual money
You should read it
- New malware-digging tool on Linux devices
- Samsung produces dedicated chips to dig virtual money
- History of digging a bitcoin, from a regular CPU to an ASIC system
- VNCERT issued an emergency alert warning malicious code exploiting Coinhive virtual money
- Asus produces virtual money digging boards that support up to 20 GPUs
- The malware owner earned $ 63,000 from digging Monero on the IIS server
- Firefox 63 improves the virtual money digging tracking tool on the browser
- The Opera 50 browser can block websites that dig money from encryption from user machines
- How to block websites using your CPU to dig virtual money
- Warning: Bkav detected more than 700,000 computers in Vietnam infected with virtual money digging virus that slowed down the computer
- Malware digs virtual money over antivirus programs, forcing Windows to crash
- What to do when the computer is infected with a virus that fights virtual money?
Maybe you are interested
How to fix NoxPlayer Has Stopped Working error How to Identify Pure Sandalwood Powder Practice typing 10 fingers, typing fast with Mario Teaches Typing game Hotmail launches 5 completely new features How to open multiple NoxPlayer emulators at the same time 10 best Android emulator software for Windows