Whoever hacked the LA Times’ interactive county murder map probably hoped to make a killing mining cryptocurrency – but swift action from a security researcher has put paid to their plans.
Security researcher Troy Mursch, whose blog has focused on cryptomining threats in recent months, raised the alarm on Twitter, after discovering that an Amazon AWS S3 bucket belonging to the LA Times had been left wide open, granting global write-access to anyone who fancied dropping their code on the server.
Unlike some cryptojacking attacks the miner was throttled to reduce the impact on visitors’ CPUs and make it harder for users to spot that something was awry. Perhaps this is how the attack appears to have gone unnoticed since February 9th.
Interestingly, Mursch reports that the Coinhive site key used in the cryptojacking attack against the LA Times is the same one that was used recently in the attack which impacted thousands of government websites in the UK and United States earlier this month, and had previously been used against Indian news websites.
But that’s not to say that cryptojacking is a victimless crime from the visiting web surfer’s point of view. It is still their computers’ resources that are being hijacked, and their electricity and (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Graham Cluley. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/la-times-website-cryptojacking-attack/