Threat Intelligence, Malware

Thousands of websites subjected to cryptojacking campaign

Crypto Trading theme with blurred city abstract lights background

Over 3,500 websites around the world have been infected with JavaScript cryptocurrency mining malware as part of a new cryptojacking campaign, The Hacker News reports.

With WebSockets exploited to facilitate the remote retrieval of mining tasks, threat actors could conduct clandestine cryptomining activities on the devices of victims visiting the compromised websites, according to an analysis from c/side. Additional findings also showed the JavaScript miner's domain to be associated with old Magecart credit card skimmers. "Attackers now prioritize stealth over brute-force resource theft, using obfuscation, WebSockets, and infrastructure reuse to stay hidden. The goal isn't to drain devices instantly, it is to persistently siphon resources over time, like a digital vampire," said c/side. A separate c/side report detailed the utilization of the OpenCart content management system to compromise East Asian e-commerce sites with a malicious payment form that enabled the exfiltration of bank information and other sensitive details from unsuspecting customers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds