
US-Chinese trade site hit with malicious software for digital currency mining

Malicious mining software shows no sign of going away. Its use has grown steadily since last year, 2017, driven by the high price of digital currencies: attackers steal users' computing power and covertly run cryptocurrency-generation processes through malicious mining software.

Security researcher Troy Mursch reported on Bad Packets Report that the USCAC site is infected with malicious code designed to steal the computing power of site visitors to mine cryptocurrency.

According to the report, the malicious code on the USCAC website is based on Coinhive, the most common mining tool, which is used to mine the Monero digital currency.

For security reasons, we've decided not to link directly to the affected site. Mursch warns that the web page can direct users to "counterfeit tricks for technical support and other malware downloads."

The site was compromised because it is running an older version of the Drupal content management system. Mursch asserts that the USCAC source code indicates that the site was last updated in December 2011.

USCAC is a business and professional community with 300 Western and Chinese members and thousands of business organizations. Its purpose is to "promote friendship and understanding" between the US and Chinese governments.

"Web sites that use older versions of Drupal are very weak and can be exploited collectively. Unfortunately, there are 115,000 sites using an old version of Drupal - some of which have not been updated for several years. It has been discovered that hundreds of these sites have been affected by similar breakthroughs."

In fact, this is not the first government website to be hacked with malicious mining software. Last month, Mursch published a list of 400 websites that had been hacked because they were running outdated versions of the Drupal content management system. The list of affected sites includes government sites in countries such as the United States, Mexico, Turkey, Peru, South Africa and Italy. Other notable examples include Chinese giant Lenovo, Taiwan-based network appliance maker D-Link and the University of California, Los Angeles (UCLA).

It is of great concern that well-funded institutions such as those mentioned above have failed to adequately update their websites and protect their users from such attacks. But Mursch points out that Coinhive's website may bear some responsibility for the spread of the malware.

Mursch said he had not yet notified USCAC about the compromise, saying it was pointless to contact the operators of all 115,000 affected sites. Instead, he is collaborating with the Drupal Security Team and US-CERT to spread an alert about these breaches.

Mursch advises all website operators using the Drupal platform to update to the latest available version as soon as possible, to protect their sites and their users' devices from being hijacked by such cryptocurrency-mining software.