More than 300 websites using the Drupal content management system were infected with dangerous software used to mine Monero (XMR/USD) .
Troy Mursch, security researcher with the Bad Packets Report, discovered and released the information about the 392 endangered web pages.
“Yesterday, I was alerted to a cryptojacking campaign affecting the websites of the San Diego Zoo and the government of Chihuahua, Mexico. While this two sites have no relation to each other, they shared a common denominator – they both are using an outdated and vulnerable version of the Drupal content management system”.
After analyzing IoCs, Mursch was able to locate another 390 web pages sharing the same virus. Updating to the new version will protect Drupal users.
The hack devastated multiple organisations’ websites - universities, museums, banks and media outlets all took a hit. A full list of affected pages can be found here.
The Insider.Pro team has developed a Chrome browser extension that helps to protect your computer from illegal mining operations. Mine Control blocks resources, domains and IP addresses that share JavaScript code for cryptocurrency mining on your PC. Mine Control never collects your personal data.
By Nadya Astam