Pages

Wednesday, 28 February 2018

Coinhive Code Injected On LA Times Website


The website of the American newspaper the LA Times has unknowingly implemented Coinhive code in order to minate Monero's. The code has certainly been on an interactive map of the newspaper about murders in cities since 9 February , researchers from Bad Packet's report have discovered. The code let the CPU run just below 30 percent of its power to remain unnoticed, writes John Dunn from security company Sophos .

The code has been injected via a poorly secured Amazon AWS S3 bucket. This S3 bucket offered visitors write permissions. The researchers also found a message that suggested that someone else had access, in addition to the Bad Packet Report researchers and the cryptojackers themselves. The message was as follows:

Hello, this is a friendly warning that your Amazon AWS S3 bucket settings are wrong.
Anyone can write to this bucket. Please fix this before a bad guy finds it.

After the researchers informed the newspaper about the incident, the code was cleaned up and the cloud environment better secured. Coinhive has also lifted the account that was linked to the code. The researchers suspect that approximately 24 dollars of crypto currencies have been generated.

No comments:

Post a Comment