The ongoing cryptojacking trend just got to the Los Angeles Times, as a hacker managed to use the website to mine Monero using visitors’ CPUs. According to British cybersecurity expert Kevin Beaumont, the website’s Amazon S3 bucket – a place businesses use to upload data – was compromised.
After compromising the Amazon S3 bucket, the hacker added code from Coinhive to mine the privacy-centric cryptocurrency. In an attempt to remain undetected, the hacker obfuscated the code to make it look like it was part of a bunch of gibberish in the page’s code.
On Twitter, Beaumont sounded the alarm:
— Kevin Beaumont (@GossiTheDog) February 22, 2018
The hacker managed to infiltrate the famed newspaper’s Amazon S3 bucket because, oddly enough, it was accidentally set so that anyone who managed to access it could write to it. Taking this into account, someone – potentially the hacker – left the Los Angeles Times a friendly message.
“Hello. This is a friendly warning that your Amazon AWS S3 bucket settings are wrong. Anyone can write to this bucket. Please fix this before a bad guy finds it.”
Notably, Coinhive is a legitimate software that allows website administrators to mine Monero for revenue, to get rid of ads on their websites. It essentially helps websites survive the growing use of adblockers. Popular news website Salon, for example, is already offering users the choice of seeing ads or allowing it to use their CPUs to mine Monero.
Shortly after becoming popular, criminals started using Coinhive to mine without other people’s consent, launching the ongoing cryptojacking trend.
The cryptojacking trend
As covered by Core Media in September, torrent-index website The Pirate Bay started using Coinhive to mine Monero, as an alternative to running ads on the website. At first it was just an experiment, that then kept on going.
Since then, hackers have been using Coinhive to mine cryptocurrencies through other websites. Victims include CBS-owned Showtime websites, Telegram, and even government websites throughout the world, among others.
Reacting to the trend, various anti-malware programs started blocking cryptocurrency miners. Some browsers, including Opera and Brave, created built-in tools to protect their users against cryptojacking attempts.