Aussie websites targeted by cryptojacking campaign

Aussie websites targeted by cryptojacking campaign

At least four Australian websites using an outdated version of the Drupal CMS were affected

At least four Australian websites have been targeted by a cryptojacking campaign that installed browser mining software Coinhive to mine the cryptocurrency Monero.

Security researcher Troy Mursch wrote about the campaign on Bad Packets saying that he had located more than 300 websites that had been a target of the campaign.

The websites were all using an outdated and vulnerable version of the Drupal content management system, according to Mursch.

The security researcher explained that the malicious code was contained in a JavaScript library.

"Soon thereafter, I was notified of additional compromised sites using a different payload," Mursch wrote. "However, all the infected sites pointed to the same domain using the same Coinhive site key."

After looking closely at the domain name that all infected sites were pointing to, Mursch found that the email address used was associated with other domain registrations.

Mursch ran a scan of more than 100,000 sites which got him down to 348 infected websites.

"The affected sites varied by hosting providers and countries and no specific one appeared to be targeted. The most unique domains were found in the United States and were hosted by Amazon," he explained.

A full list can be accessed here.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags drupalmoneroCryptojacking


Show Comments