Recently rumoured that Coinhive has been hijacked. Coinhave is a popular browser-based service. Coinhave offers website owners embed JavaScript to take advantage of the CPU power of their site visitors for mining Monero.
Reportedly, an unknown hacker managed to hijack CloudFlare Coinhive account that allows him to modify his DNS server. Hackers hijack DNS CoinHive so Hackers can also replace the official Coinhive JavaScript code embedded into thousands of malicious websites: https://coin-hive[.]Com/lib/coinhive.min.js
Hackers Using Passwords That Leaked from Data Breach 2014
Apparently, the hacker reuses the old password to access the leaked CloudFlare Coinhive account in Kickstarter data breach in 2014.
"On October 23 at approximately 22:00 GMT our DNS account (Cloudflare) was accessed by attackers. The DNS records for coinhive have been manipulated to redirect the request of coinhive.min.js to a third-party server. "Coinhive said in a blog post.
"This third-party server hosts a modified version of the JavaScript file with a hardcoded site key."
As a result, thousands of sites using coinhive scripts cheated for at least six hours load the modified code to miner Monero to the hacker, not to the actual site owner.
"We have learned a lesson about security and used 2FA [two-factor authentication] and unique passwords for all services, but we forgot to update our annual Cloudflare account."
Hacker Hijacks DNS CoinHive For Mining Cryptocurrency
Coinhive gained media attention in recent weeks after the world's popular torrent download site, The Pirate Bay, was caught secretly using the browser-based Cryptocurrency miner on its website.
Soon afterwards more than thousands of other websites also started using Coinhive as an alternative monetization model by leveraging the CPU processing power of their visitors to mine the digital currency.
Even hackers also use Coinhive like services to make money from compromised websites by injecting code secretly.
How To Block Web Site From CPU Hijacking For Mining Cryptocurrency
Some Antivirus products, including Malwarebytes and Kaspersky, have also started blocking Coinhive scripts to prevent their customers from unauthorized mining and extensive CPU usage.
You can also install, No Coin or minerBlock, open-source browser extensions (plug-ins) that block coin miners like Coinhive.
![[Learning Module] Metasploit The Penetration Tester's Guide : Basic Absolute For Penetration Testing](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgIGcys0kl5v0lguuoTfjDFY5pdnrH_-ZKRVMSCfvaZXodh3I3Y9Ketrvqw41ekC79J1tTzJ7k6zTOlRrGgh22Q4_3csCi_FPJ9_a3NV7R9q6zhKBV-mGj8NxY2wIU7FE0Gf2sdlkx95A/s72-c/Penetration-Tester-Guide-CyberNews404.PNG)
Hi! Thanks for the great information you havr provided! You have touched on crucuial points!
ReplyDeleteblockchain write for us