• Skip to content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Cyber Threat Defense

Cyber Security News

You are here: Home / Hacking / Hackers Modify Code in AOL Advertising Platform

Hackers Modify Code in AOL Advertising Platform

April 20, 2018 By News Team Leave a Comment

Trend Micro researchers recently found that hackers had gained entry to, and then modified code, in AOL’s advertising platform to mine Monero cryptocurrency. 500 other websites are also thought to be infected with the same CoinHive cryptocurrency mining script used on the AOL advertising platform. This includes MSN’s Japanese web portal, which was infected by a similar script with the same goal of mining Monero coins via the computing power of visitors to the news site.

In its posted analysis, Trend Micro said that the compromised ads were capable of creating a large number of web miners. The MSN website is the default page for Microsoft’s browser and the page that Outlook email users are redirected to on logging out from their account, so it gets a lot of secondary traffic.

As the researchers looked more deeply into what was happening, they found that hackers were running their campaign by hosting malicious content on unsecured AWS S3 buckets, which their administrators had apparently left open for public access.

In terms of the AOL and MSN website hacks, the Trend Micro researchers think that a sizeable number of users may have been impacted.

The security firm alerted the firms involved, and AOL moved quickly to remove the malicious script. Trend Micro advised website administrators to check for potential exploitation, and take action if necessary.

“The campaign injected malicious script at the end of a JavaScript library on the unsecured S3 buckets. Website administrators can easily check for any script injected with code similar to the one shown below or the mining domains we listed in the Indicators of Compromise section to verify if their sites have been modified,” wrote Trend Micro.

Other major advertising platforms have seen their sites compromised in a similar way by illegal cryptojacking programs. In January, hackers used ad slots on YouTube to mine Monero cryptocurrency through CoinHive Javascript code.

“Organizations should secure and always properly configure their servers to prevent these types of threats. To further protect themselves, they should choose the right cloud security solution based on their specific needs,” concluded Trend Micro.

There are several ways to block cryptocurrency mining from taking place in your browser and stealing CPU power, including minerBlock and No Coin extensions in the Chrome web store. Both extensions are open source, and freely available for the public to use. Alternatively, the Opera browser (in both Android and iOS, on desktop and mobile) prevents websites from hijacking your browser to mine for cryptocurrency.

Filed Under: Cryptomining, Hacking Tagged With: AOL advertising platform, Coinhive, cryptocurrency mining, cryptojacking, cryptomining, Monero, MSN Japanese web portal, Trend Micro, YouTube

Primary Sidebar

Recent Articles

  • How Profits Inspires Virus Developers
  • What’s Propelling A10 Networks Inc (NYSE: ATEN) After Higher Shorts Reported?
  • FacexWorm Targets Facebook Messenger
  • Cisco Systems Webex Flaws Allows Remote Users To Execute Code
  • Europe sees Radical Drop in DDoS Attacks Since Seizure of Webstresser Site

Categories

  • Application Security
  • Bitcoin
  • Bot Defense
  • Browser Security
  • Business Models
  • Critical infrastructure
  • Cryptocurrencies
  • Cryptojacking
  • Cryptomining
  • Cybercrime
  • cybersecurity
  • Data Breach
  • Data Theft
  • DDoS
  • Endpoint Security
  • Espionage
  • Feature
  • Firewall
  • Fraud
  • Government
  • Hacking
  • Hacking Tools
  • IoT
  • Layer7
  • Leaks
  • Malware
  • Mining
  • Mobile security
  • Point of Sale Devices
  • Quantum Encryption
  • Quantum Security
  • Ransomware
  • Routing
  • Uncategorized
  • Vault7
  • Vault8
  • Vulnerabilities
  • Wikileaks

Secondary Sidebar

Cyber Threat Defense.net | Copyright © 2019 All product names, logos, and brands are property of their respective owners. All company, product and service names used on site are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.