How Hackers Got Access to Coinhive’s account
This hacker reused an old password to access Coinhive’s CloudFlare account that was leaked in 2014.
“Tonight, Oct. 23th at around 22:00 GMT our account for our DNS provider (Cloudflare) has been accessed by an attacker. The DNS records for coinhive.com have been manipulated to redirect requests for the coinhive.min.js to a third party server.” Coinhive said in a blog post today.
As a result, thousands of sites using coinhive script were tricked for at least six hours into loading a modified code that mined Monero cryptocurrency for the hacker rather than the actual site owners.
“We have learned hard lessons about security and used 2FA [Two-factor authentication] and unique passwords for all services since, but we neglected to update our years old Cloudflare account.”
Your Web-Browsers May Be Mining Cryptocurrencies Quietly
Coinhive gained popularity in last weeks after world’s popular torrent download website, The Pirate Bay, caught secretly using this browser-based cryptocurrency miner on its site.
Immediately after that lot of other websites also started using Coinhive as an alternative monetisation model by utilising their visitors’ CPU processing power to mine digital currencies.
Even hackers are also using Coinhive like services to make money from compromised websites by injecting a script secretly.
Well, now the company is also looking ways to reimburse its users for the lost revenue due to breach.
How to Block Websites From Using Your CPU
Due to concerns as mentioned above, some Antivirus products have also started blocking Coinhive script to prevent their customers from unauthorised mining and extensive CPU usage.