Thousands of websites around the world, including many operated by governments, were infected by hackers to silently "cry out" cryptocurrencies, security researchers said.
It is the first time that an attack of these characteristics is made public, in which a new class of hackers seized a large number of websites to create currencies such as Bitcoin, which are generated through the use of computing power.
The attacks, which were unveiled at the weekend by British security investigator Scott Helme, affected more than 4,000 websites, including those of the British data protection and privacy agency and the United States federal court system. United.
Unlike traditional attacks, these infections do not contain "ransomware" or steal data, but operate in stealth mode to obtain benefits from the dark world of cryptocurrencies.
Helme said in a blog post on Sunday that hackers were able to access a large number of websites by infecting a commonly used "plug-in," or some software that helps sites work better.
In this case, the hackers used the malicious software to create Monero, one of the new cryptocurrencies that are causing a sensation in the financial markets.
"If you want to load a cryptocurrency collector on 1,000 websites, you do not attack 1,000 websites, you attack website 1 from which they all load the content," he said.
The creator of the plug-in, the British software firm TextHelp, said it removed the affected software online after it discovered the "attempt to generate cryptocurrencies illegally".
"This was a crime and a thorough investigation is currently under way," the company said in a statement.
Researchers have been warning in recent weeks about this type of malware, which can act and generate benefits for third parties without the users of the team noticing.
Cisco security researchers Talos warned last month that this type of hacking "has increased exponentially."
Because of the huge financial gains from cryptocurrencies, Cisco researchers said they have become a major target for hackers.
"In general terms, mining simply uses the resources of the system to solve large mathematical calculations that result in a certain amount of cryptocurrencies being granted to the solvers," the Cisco researchers wrote in a research note.
Security researcher Graham Cluley said that this attack highlights the vulnerabilities of websites that may have weaknesses in third-party components.
"Things could have been much worse," Cluley said in a blog post. "Imagine if the plug-in had been tampered with to steal login passwords instead of stealing CPU resources from the computers they visit."
SÍGUENOS AQUÍ
Muchas gracias por el apoyo del equipo @cervantes. No te olvides de votarles como witness en esta página:
Witness Cervantes
cervantes cervantes-noticias
Esta publicación es no pudo ser posible sin la colaboración de @hr1 Te invito a que lo sigas.
You got a 18.18% upvote from @whalebuilder courtesy of @ymanzueta. Join @whalebuilder family at our Discord Channel. Don't let your precious stake(SP) go stale...Make it do more so you have to do less. Deligate it to @whalebuilder by clicking on one of the ready to delegate links: 50SP | 100SP | 250SP | 500SP | 1000SP | 5000SP | custom amount.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
This post has received a 19.23 % upvote from @voterunner thanks to: @ymanzueta. BIG NEWS: Build your passive income with daily payouts from @voterunner! Read more about earning SBD with me. Daily. The easy way!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
This post has received a 2.23 % upvote, thanks to: @ymanzueta.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
You got a 8.98% upvote from @bid4joy courtesy of @ymanzueta!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
You got a 1.95% upvote from @adriatik courtesy of @ymanzueta!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Congratulations! This post has been upvoted from the communal account, @minnowsupport, by ymanzueta from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, theprophet0, someguy123, neoxian, followbtcnews, and netuoso. The goal is to help Steemit grow by supporting Minnows. Please find us at the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.
If you would like to delegate to the Minnow Support Project you can do so by clicking on the following links: 50SP, 100SP, 250SP, 500SP, 1000SP, 5000SP.
Be sure to leave at least 50SP undelegated on your account.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit