Trustwave Company Announces Malware Detection on the Make-A-Wish Foundation Site

2,193

On November 19, Trustwave published its latest research report, stating that the website of the global non-profit organization, the Make-A-Wish Foundation, was attacked by cryptojackers who used malware.

Trustwave experts say that attackers were able to integrate the CoinImp software used for mining into the CoNImage JavaScript (JS) domain code worldwish.org. This allowed them to illegally use cryptocurrency mining equipment. As is known, CoinIMP software allows criminals to gain access to the equipment of website visitors for the extraction of digital currencies.

According to the data, the malware has reached the site of the fund through the domain drupalupdates.tk, which has been used by the company that used the vulnerabilities of the site Drupal to compromise websites since May 2018.

According to experts, the attackers used a number of methods that allow them to hide their activities and avoid detection as much as possible. Among the named methods, it is worth noting the use of a complex domain name, the use of different domains and IP addresses in the WebSocket proxy server.

It is worth noting that, according to the data, the company Trustwave reported to the fund about the problem with the security of the site, but the representatives of the fund have not yet responded. Despite this, the malware has been removed.

This post is also available in: ruРусский

Don't miss a single story and get a chance to win up to 1,5 ETH!

Subscribe to our free newsletter and follow us
SUBSCRIBE
close-link