Security researchers recommend that user should update Drupal website to the latest version as soon as possible.
Hackers are exploiting vulnerable Drupal websites to mine digital currency
Security researchers report that the attackers are using a vulnerable Drupal high-risk vulnerability to implant mining scripts to use the visitor’s computer for mining digital currency. Sites that have been infringed are owned by companies, universities, and institutions such as Lenovo, UCLA, and the US National Labor Relations Commission.
https://twitter.com/bad_packets/status/993503865138892800
The United States has the largest number of websites, followed by France, Canada, Germany, and Russia. The attacker exploited the high-risk vulnerability of the Drupal content management system known as Drupalgeddon2 announced in March of this year. The embedded JavaScript files are hosted on vuuwd[.]com. The mining script uses the 80% CPU resources of the visitor computer to dig Monroe. currency.
