Trustwave, a cybersecurity company, detected and reported malware hacking on the website of the global, non-profit organization.
The malware was cleverly designed to evade known ways of detection, including alterations of the domain name and different IPs. The software – a JavaScript miner CoinImp – is similar to the illicit Monero coin miner CoinHive and uses the CPU power of website visitors to maliciously mine cryptocurrency. CoinImp infected the Foundation’s page through the drupalupdates.tk domain, which has been previously connected to other attempts of hacking websites in the early months of 2018.
According to recent data reports, gathered by Bloomberg, the scale of hacker attacks related to cryptocurrency products and mining has gone up to 500% in this past year.
More and more information surfaces every day about yet another entity that has fallen victim to the hacks. In the past few months, the hits have become more ingenious, with attacks targeting websites, exchanges, PC operating systems, and even social media profiles. The targets of those have ranged from big businesses like Target, through PCs running on Linux to non-profits like the Make-a-wish Foundation.