Hackers launch crypto-mining malware on Ghost and popular websites


Hackers took advantage of now-resolved vulnerabilities in salt software to install crypto-mining malware on the servers of popular websites, one of which includes Ghost. This was revealed by security researchers to ZDNet on May 3.

Crypto-mining malware on Ghost server

Based on Node.js, Ghost is an open-source blogging website that advertises itself as a more convenient alternative to the leading blogging platform, WordPress. However, hackers were able to compromise the company’s servers to mine cryptocurrencies

Ghost reportedly uses Salt software to manage it’s servers. Thus, the attackers exploited the bugs in the Salt software to access the website[s]; afterward, they installed the crypto-mining malware, which resulted in overloads in the company’s CPU.

The hackers mainly focused on cryptocurrency mining, according to a Ghost representative. They did not steal the financial details or credentials of Ghost users, and rather they only installed crypto-mining malware to mine digital currencies from their server illicitly.

Crypto malware overloaded CPUs

Ghost devs were alerted about the unauthorized activity immediately after the company’s CPU spiked, which overloaded most of they’re systems. They had to take down they’re servers and bring it back online only after the vulnerabilities have been patched, per the report.

Before the incident occurred with Ghost, hackers already coded they’re way into the servers of a popular mobile OS known as LineageOS, through the same flaws reported with the Salt software. Another attack was launched on Digicert certificate authority under the same campaign. 

Saltstack patches Salt flaws

The processes of the attack are likely to be done automatically, right from the vulnerability scanning and the installation of crypto-mining malware, according to a researcher. At that time, Fortune 500 companies, including banks and other platforms using Salt software, were at risk.

To be precise, about 6,000 Salt servers were exposed; however, Saltstack, the firm behind the software, had recently released patches to resolve the reported vulnerabilities. Users have been advised to either secure they’re system with a firewall or patch the Salt servers.

Ibiam Wayas

Ibiam Wayas

Ibiam is an optimistic crypto journalist. Five years from now, he sees himself establishing a unique crypto media outlet that will breach the gap between the crypto world and the general public. He loves to associate with like-minded individuals and collaborate with them on similar projects. He spends much of his time honing his writing and critical thinking skills.

Related News

Hot Stories

The mystery  behind Binance's ownership of WazirX
Ted Cruz wants Capitol Hill to start accepting Bitcoin
New York Senate gets bill to make Bitcoin (BTC) a form of payment
NFT collection Azuki’s Twitter Account Hacked
SEC is investigating investment advisers over crypto custody

Follow Us

Industry News

The mystery  behind Binance's ownership of WazirX
Silvergate pauses preferred stock dividend amid crypto volatility
2023 Bull run begins - Why is the crypto market up today?
Phantom wallet steps up protection after 18k attacks
Nike's attempt to '.SWOOSH' Web3 creators

Add Your Heading Text Here