Hacker Hijacks DNS CoinHive For Mining Cryptocurrency - CyberNews404

CyberNews404 is an online technology portal that provides information about the world of cyber news, cyber technology, tech news, tips & trik, tutorial etc. compelling content that educates the public and also provides unique entertainment.

Post Top Ad

Hacker Hijacks DNS CoinHive For Mining Cryptocurrency

Hacker Hijacks DNS CoinHive For Mining Cryptocurrency

Share This
Coinhive has been hijacked
Cyber News - When yesterday it was reported that there was a sudden global ransomware attack called 'Bad Rabbit', there was something worse than that.

Recently rumoured that Coinhive has been hijacked. Coinhave is a popular browser-based service. Coinhave offers website owners embed JavaScript to take advantage of the CPU power of their site visitors for mining Monero.

Reportedly, an unknown hacker managed to hijack CloudFlare Coinhive account that allows him to modify his DNS server. Hackers hijack DNS CoinHive so Hackers can also replace the official Coinhive JavaScript code embedded into thousands of malicious websites: https://coin-hive[.]Com/lib/coinhive.min.js

Hackers Using Passwords That Leaked from Data Breach 2014

Apparently, the hacker reuses the old password to access the leaked CloudFlare Coinhive account in Kickstarter data breach in 2014.

"On October 23 at approximately 22:00 GMT our DNS account (Cloudflare) was accessed by attackers. The DNS records for coinhive have been manipulated to redirect the request of coinhive.min.js to a third-party server. "Coinhive said in a blog post.

"This third-party server hosts a modified version of the JavaScript file with a hardcoded site key."

As a result, thousands of sites using coinhive scripts cheated for at least six hours load the modified code to miner Monero to the hacker, not to the actual site owner.

"We have learned a lesson about security and used 2FA [two-factor authentication] and unique passwords for all services, but we forgot to update our annual Cloudflare account."

Hacker Hijacks DNS CoinHive For Mining Cryptocurrency

Coinhive gained media attention in recent weeks after the world's popular torrent download site, The Pirate Bay, was caught secretly using the browser-based Cryptocurrency miner on its website.

Soon afterwards more than thousands of other websites also started using Coinhive as an alternative monetization model by leveraging the CPU processing power of their visitors to mine the digital currency.

Even hackers also use Coinhive like services to make money from compromised websites by injecting code secretly.
How To Block Web Site From CPU Hijacking For Mining Cryptocurrency

Some Antivirus products, including Malwarebytes and Kaspersky, have also started blocking Coinhive scripts to prevent their customers from unauthorized mining and extensive CPU usage.

You can also install, No Coin or minerBlock, open-source browser extensions (plug-ins) that block coin miners like Coinhive.

1 comment:

  1. Hi! Thanks for the great information you havr provided! You have touched on crucuial points!
    blockchain write for us

    ReplyDelete

Post Bottom Ad