LA Times website was embeded malicious script to mine Monero

According to infosecurity-magazine reports, the company’s security researcher Troy Mursch of Bad Packets reported recently discovered that the third largest newspaper ” Los Angeles Times” webpage hosted encryption mining software aimed at using the visitor’s CPU to dig Monero.

According to Troy Mursch, an attacker exploits an improperly configured Amazon Web Services (AWS) S3 cloud bucket to access the site and inject Coinhive software scripts into the program. But the weird thing is that the affected page is a page on homicide reports covering people killed in Los Angeles in the past 12 months.

According to some statistics, Coinhive may affect a quarter of the world’s organizations. When users visit the web, Coinhive will Monero online mining. Embedded JavaScript uses the computational resources of the end user’s machine to mine coins and affect system performance. While Coinhive is a legitimate service for webmasters looking for a profit-making alternative to advertising, criminals typically embed Coinhive in the absence of a web site, while certain unscrupulous web sites do not know the visitor Secret use of Coinhive in the case of love.

In this mode, scripts are generally set to be mined at a non-top level, consuming less computing power and potentially up to two weeks unexploited.

According to Carl Wright, AttackIQ’s Chief Revenue Officer, cloud misconfigurations are frequent and many companies have vastly expanded their attack surface, coupled with a lack of uniform security controls and process assurances, so companies need to continually test their security controls Is there a configuration error? If businesses do not continuously validate their security controls at this stage, it is likely to result in a painful failure.

Source: Infosecurity