Cyber hacking is nothing new but surely some of these hackers have some kind of moral compass?!
One of the most recent victims of cyber hacking is the United States based, non-profit organisation Make-A-Wish Foundation which recently had its website hacked. Since March this year, the hacker has been taking advantage of the Drupal vulnerability to mine the Monero cryptocurrency as per its research findings from an independent research lab.
For those that don’t know Drupal is a free and open source content management framework written in PHP and distributed under the GNU General Public License. The open-source platform provides a back-end framework for over 2 percent of all websites across the globe.
The research company made note that bad actors had an easy entry into the website as it was using an older version of the Drupal content management system.
Simon Kenin a security researcher at Trustwave stated:
“A quick investigation showed that the domain ‘drupalupdates.tk’ that was used to host the mining script are part of a known campaign which has been exploiting Drupalgeddon 2 in the wild since May 2018.”
As reported by BTC Manager, the findings of Trustwave also suggest that similar kind of crypto hacking activities have been taking place since May this year and is part of the popular campaign that has been exploiting Drupalgedden 2. It also highlights that although the campaign has been updated several times since May this year, there are many owners of some websites which haven’t been flexible enough to be able to update their Drupal CMS version on a timely basis.
In a report Kenin stated:
“Embedded in the site was a script using the computing power of visitors to the site to mine cryptocurrency into the cybercriminals’ pockets, making their 'wish' to be rich, come 'true'. It’s a shame when criminals target anyone but targeting a charity just before the holiday season? That’s low.”
What are your thoughts? Let us know what you think down below in the comments!