Coinhive’s DNS Server Compromised Thanks to Weak Password
Coinhive is an enterprising company that offers websites an alternative to earning revenue through ad bombardment: Monero-mining JavaScript code that website owners can embed on their sites. The code allows site owners to use their visitors’ CPU power to mine the cryptocurrency Monero. Coinhive keeps a percentage of the mined Monero, and the rest goes to the owners of the sites containing the script.
On October 24, the Coinhive team announced that their account with their DNS provider had been accessed by a malicious actor on October 23. Hackers hijacked Coinhive’s DNS records and modified them to redirect requests for coinhive.min.js to another server.
According to the Coinhive announcement, “this third party server hosted a modified version of the JavaScript file with a hardcoded site key. This essentially let the attacker ‘steal’ hashes from our users.”
The company has apologized for the incident, which was reportedly caused by a weak password that was probably leaked in the 2014 Kickstarter breach. Of course, this is not the first time reused passwords have caused problems. Coinhive mentions that they are actually using 2FA and unique passwords, but neglected to update their older account with their DNS provider.
The announcement emphasized that no account information was leaked and the company's web and database servers were not accessed. The company plans to reimburse users by crediting all sites with an additional 12 hours of their daily average hashrate.
This incident highlights the importance of proper online account security. Using complex and unique passwords is a must, and enterprises must take advantage of all security features their service provider offers. Here are some other tips:
- When managing multiple accounts, users should be vigilant and proactively update the security of each account. Providers might update certain features or add new elements that you can use.
- Enterprises should implement a strict security policy on third-party services, particularly if they handle sensitive data or systems that are integral to operations. Businesses should be sure of who they are working with and vet who has access to their data.
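For site owners, the redirect described above means a script loaded by hostname alone can be swapped without any change on their own servers. The following is an added example, not code from Coinhive or from the original article: it pins a reviewed copy of a third-party script to a Subresource Integrity (SRI) digest and flags any fetched copy that no longer matches. The script bodies, the `third-party.example` URL, and the function names are constructed for illustration.

```python
import base64
import hashlib
import hmac

ALLOWED = ("sha256", "sha384", "sha512")  # algorithms defined for SRI


def sri_digest(script_bytes: bytes, alg: str = "sha384") -> str:
    """Return the SRI value ("<alg>-<base64 digest>") for a script body."""
    if alg not in ALLOWED:
        raise ValueError(f"unsupported SRI algorithm: {alg!r}")
    digest = hashlib.new(alg, script_bytes).digest()
    return f"{alg}-{base64.b64encode(digest).decode('ascii')}"


def matches_pin(script_bytes: bytes, pinned: str) -> bool:
    """True if the fetched script body still matches the pinned SRI value."""
    alg = pinned.partition("-")[0]
    return hmac.compare_digest(sri_digest(script_bytes, alg), pinned)


def script_tag(url: str, pinned: str) -> str:
    """Build a <script> tag that browsers will refuse to run on a digest mismatch."""
    # crossorigin is required for integrity checks on cross-origin scripts.
    return f'<script src="{url}" integrity="{pinned}" crossorigin="anonymous"></script>'


def audit(fetched: bytes, pinned: str) -> str:
    """Monitoring check for a periodically re-fetched copy of the script."""
    if matches_pin(fetched, pinned):
        return "ok"
    return "ALERT: script body differs from the pinned digest"


# Constructed sample data: a reviewed library body and a copy with a hardcoded key.
REVIEWED = b"function start(siteKey) { return mine(siteKey); }\n"
TAMPERED = b"function start(siteKey) { return mine('PLACEHOLDER_OTHER_KEY'); }\n"
PINNED = sri_digest(REVIEWED)

if __name__ == "__main__":
    # Hypothetical URL; substitute the versioned file you actually reviewed.
    print(script_tag("https://third-party.example/lib.min.js", PINNED))
    print("reviewed copy:", audit(REVIEWED, PINNED))
    print("tampered copy:", audit(TAMPERED, PINNED))
```

Pinning only works when the provider serves a versioned file that does not change in place, so the digest has to be updated deliberately on each upgrade.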