BlackBerry Mobile site hacked to run Monero cryptocurrency miner
With the popularity of Bitcoin and other cryptocurrencies, it's perhaps little surprise that a number of websites have recently been discovered using visitors' computer to do a little mining. The latest site found to be indulging in the activity is BlackBerry Mobile -- but this time it's thanks to the work of a hacker.
As with other sites carrying out surreptitious mining, it was a CoinHive mining tool that was found embedded in the code of the site. The same hacker also placed the same miner on a handful of other sites.
- SafeBrowse Chrome extension found to be secretly mining for cryptocurrency
- The Pirate Bay is secretly running a Bitcoin miner in the background, increasing your CPU usage
- Adblock Plus releases cryptocurrency miner hijack protection filter
The site hack was revealed on reddit after user Rundvleeskroket noticed the miner had been added to the code of the global BlackBerry mobile site. The code has since been removed, but it is not known how many people were affected, or how much money was generated through the miner.
CoinHive responded on reddit, explaining that the user in question has now had their account suspended, and also gave a little detail about how the hack was carried out:
Coinhive here. We're sorry to hear that our service has been misused. This specific user seems to have exploited a security issue in the Magento web shop software (and possibly others) and hacked a number of different sites.
We have terminated the account in question for violating our terms of service now.