Major US sites hacked to mine cryptocurrency – a potential GDPR nightmare

In the past week, a hacking campaign has been launched on sites running Drupal to inject malicious code that will then mine crypto-currency on your computer.

The campaign is believed to have successfully hacked 400 government, corporate, and university websites turning them into cryptocurrency mining platforms that surreptitiously drain visitors’ computers of electricity and computing resources, a security researcher said Monday.

Some of the websites included: Lenovo, the University of California at Los Angeles, the US National Labor Relations Board, the Arizona Board of Behavioural Health Examiners, and the city of Marion, Ohio.

The Social Security Institute of the State of Mexico and Municipalities, the Turkish Revenue Administration, and Peru’s Project Improvement of Higher Education Quality were also affected.

The code that was run on the websites dedicated 80 percent of their CPU resources to mining the digital coin known as Monero with no notice or permission.

The exploit used the  Drupalgeddon2 vulnerability which was found in 2014, but on March 28th of this year was identified again. Drupal issues a critical release update to fix the vulnerability, but carrying out this update is reliant on the website owners.

It is also believed that along with the mining script the hackers are installing other malware that will allow them to carry out denial of service attacks on other websites.

With the GDPR just over 2 weeks away, a hacked site can cause a company major losses both financially and with customer loyalty. If a site had been hacked post GDPR and it contained any personal information on users (which most content management sites do), then you would have 72-hours to contact your customers and inform them of the breach. The result of this would cause a massive loss of confidence in your company, and you would incur the costs of having to have the website disinfected too.

While we don’t specifically deal with Drupal anymore, if you have a WordPress website and want a hosting service that will handle all your updates for you, reducing the chances of an attack such as this, then get in touch via our contact page.

James Smythe

Recent Posts

Understanding Google PageSpeed Insights & Core Web Vitals – A green 90+ can still show as needing improvement in Search Console

Many website owners have breathed a sigh of relief that Google has delayed the algorithm…

9 months ago

Most Google searches generate no website traffic with zero-click searches

I briefly touched upon zero-click searches in a recent post about Google featured snippets. The…

10 months ago

Takedown bad Google My Business with a new tool from Google

Online reviews can make or break a business nowadays, which has unfortunately made reviews become…

10 months ago

Google featured snippets improve to normal levels following drop

Featured Snippets in Google are a blessing and a curse. One had they offer a…

10 months ago

LiteSpeed Cache + CDN vs WP Rocket + Cloudflare CDN PageSpeed Insights with Divi WordPress Theme

We all know website speed is important, ignoring Google; a slow website provides a terrible…

11 months ago

This website uses cookies.