Hackers embedded a cryptojacker in the Make-A-Wish site worldwish.org. This malware uses the computers of site visitors to mine cryptocurrency for the hackers. Thanks to watchdog, Trustwave SpiderLabs, Make-A-Wish was able to successfully remove the cryptojacker from their site.
It goes without saying that this recent attack on the Make-A-Wish Foundation is especially unpleasant
As you probably know, The Make-A-Wish Foundation is a non-profit that helps fulfill wishes of children with terminal illnesses. Simon Kenin of Trustwave SpiderLabs discovered the cryptojacking. Trustwave is self-described as an “elite team of ethical hackers, forensic investigators and researchers helping organizations fight cybercrime”.
The vulnerability lies in the open source software behind Make-A-Wish’s website, Drupal. Unfortunately, Drupal realized last spring that a version of their software was extremely susceptible to hacks. By that time, hundreds of sites had been infected, and Drupal sent out a memo to update to the latest patch immediately. Unfortunately, Make-A-Wish was still running the compromised version on their website. And nefarious hackers know how to search for such weak points. Also affected due to outdated Drupal versions were Lenovo and even the U.S. National Labor Relations Board, among many others.
Hacking is all too common, and often involves cryptocurrency
Naturally, its anonymity as a digital payment makes it a popular choice. Besides mining via cryptojacking as in the Make-A-Wish case, another popular way for hackers to make money is through ransomware. With ransomware, a hacker will commandeer a company’s data or network and demand a ransom before returning it. Recently, the hacker group known as SamSam has infiltrated companies, hospitals, and even city governments, forcing them to shut down operations for days.
In only the last month, we’ve also seen several cases of fraudulent crypto offerings. But unlike your garden variety ICO scams, these were advertised through hacked Twitter accounts. Target and Elon Musk are the two recent standouts. Fortunately, for these cases at least, Twitter is working to meet these new security needs.
And as for the Make-A-Wish hack, it’s an important reminder to update software. Karl Sigler, threat intelligence manager of Trustwave SpiderLabs said,
“Criminals are going to be running just some vulnerability scans. They probably have some command line scanner that only scans for one specific, or two or three specific vulnerabilities, and then they just start tossing web server addresses at it”
Fortunately the malware only affected visitors to the Make-A-Wish website worldwish.org while they had the site window open in their browser.
Want the latest crypto news? Join our Telegram Channel