Many Australian businesses have websites built using the Drupal platform. It’s an open source content management system that’s easy to use, has no real costs and is scalable. Recent occurrences have revealed a critical security flaw in the Drupal system that will impact you if you use platform.
Certain ‘miners’ are taking advantage of loopholes in Drupal 6, 7 and 8 to spread a script that mines a certain type of cryptocurrency. While the breaches were discovered in March and April they appear to have been running for a while, with an estimated one million sites all over the world being affected, including almost half a thousand official government sites.
WHAT IS CRYPTOJACKING?
Crytocurrency mining involves adding records of transactions to a public ledger called a blockchain. Transactions are organised into blocks and each block is created by having a computer processor solve an algorithm. The more blocks added, the more complex and power intensive solving these algorithms becomes. This means that in order to keep the process going (in other words solve the algorithms as quickly as possible), you will need to have a powerful processor. This process is legal but becomes illegal as cryptojacking when a hacker accesses remote processors without permission and uses them to solve the algorithms in question.
Your computer can unknowingly be used to mine cryptocurrency when you click a bad link (as with phishing) and load the code on your computer or if you enter a website/close a pop-up ad running a certain javascript code, automatically executing the mining process. It doesn’t need you to opt in, and as it occurs in the background you probably won’t even notice it happening. It doesn’t require advanced skills to put into place and lets hackers make more money in less time than they would using traditional ransomware. It’s also almost impossible to track.
HOW CAN I STOP IT?
As mentioned, the best way to prevent your Drupal website from being vulnerable to a cryptojacking attack as described above is to ensure that you’re using the latest version of it, as this will have the most sophisticated built in detection, filtering and blocking and network monitoring tools in addition to implementing standard anti-hacking training aimed at preventing penetration efforts.
You can find more detailed information here.
Alternatively you can move your website over to WordPress platform with us at iOnline, we can take care of all the hosting, security updates and patching.