10 to 15% of them are powered by WordPress

Bad Packets Report recently conducted a research. Their expert, Troy Mursch found nearly 50,000 websites that were infected with what they call cryptojacking. It means the infected websites are running cryptocurrency mining malware.

Technically, cryptocurrency mining malware is not more than a few lines of JavaScript code. How it works is simple and invisible or unnoticeable. When you visit the infected website you make it possible for the website’s admin to use your computer resources to mine cryptocurrencies. Interesting fact: according to the report, the most popular one is Monero (XMR).

Mursch carried out his research using the source-code search engine PublicWWW. He used it to scan the web for pages running cryptocurrency mining malware. You would think that the infected websites are what you would basically categorize as suspicious, ones that you would normally handle with caution or avoid simply, but interestingly, out of the 48,953 affected websites he found, 7,368 are powered by WordPress.

Coinhive is the most widespread mining script out there, Mursch revealed. It is responsible for about 40,000 infected websites, that is 80 percent of all the cases discovered by the research.

The remaining roughly 20 percent of websites run alternative crypto-jacking malware, such as Crypto-Loot, CoinImp, Minr, and deepMiner.

A document listing all crypto-jacking infected WordPress websites was published by the researcher. The document underlines that some of the listed websites have already removed the malware, but the majority of the infected sites are still mining using visitors’ computers.

Behind last month’s headline-making news that Tesla was hit by hackers was also an attempt in which hackers planted crypto-jacking malware on the website in order to use its cloud to mine.

So, it brings us to the most relevant question:

What can we do to prevent attacks like that? The problem is that a lot of users have no idea that this is an existing threat. Once you become aware of this risk, the answer to the question is simple and reassuring:

Some browsers, such as Opera and Brave, have already got built-in tools that block mining attempts. If you have Chrome of Firefox, the researcher recommends installing the minerBlock extension.



Zsolt Balló