Cybersecurity firm detects crypto mining malware on Make-A-Wish Foundation website

According to Trustwave Researchers, a global non-profit organization, Make-A-Wish Foundation has had its website infected with crypto jacking malware.  As per a post published on November 19, the Make-A-Wish foundation’s official website ‘worldwish.org’, was embedded with Javascript mining script CoinImp during a routine scan.

As a global NGO, the Make-A-Wish foundation grants wishes to children that experience serious illness and other such conditions.

The NGO mentioned that crypto jackers utilized numerous strategies to escape detection, which include changing of the domain name hosting the Javascript miner and executing a WebSocket proxy that is used with different IP addresses that obstruct blacklist protocols.

The NGO’s site which was built on Drupal, an open source content management system, announced that there was a vulnerability in their software that prompted hijackers to insert malicious codes into sites that had not subsumed their security patch.

Trustwave recently said:

“The Cryptojacking phenomenon is so widely spread that it is sometimes hard to tell whether a website is infected with malware or the mining code was genuinely added by the site owner.”

Also adding:

This is especially true of smaller sites, who might use cryptomining in a legitimate source of income but whose ability to secure their website might also be limited putting them at risk of cryptojacking compromise.”

Nevertheless, the malicious code was eliminated shortly after Trustwave attempted to reach the foundation.

Cybersecurity firm detects crypto mining malware on Make-A-Wish Foundation website

What is Cryptojacking?

Cryptojacking involves the use of malicious codes that compels other computer users to mine cryptocurrencies without their knowledge, no gone onto becoming widespread among internet users. This allows hackers from all over the world to bring in cryptocurrencies into their wallets and generate massive profits.

As per a data obtained by Bloomberg, In 2018, cryptocurrency mining attacks have increased up to 500 percent.

A report from Citrix revealed that crypto jacking malware infected at least 59% of UK companies. McAfee Labs also exposed a latest Monero mining malware called WebCobra that originated from Russia.

Trend Micro, a Japanese global cybersecurity company, stated that over 787,000 detections of malicious cryptocurrency miners were made earlier this year, targeting computers that run on Linux, when compared to 74,500 detections that were made in 2017.