Bitcoin & Ethereum live exchange rate

Coinhive cryptocurrency miner DNS hacked





“The DNS records for coinhive.com have been manipulated to redirect requests for the coinhive.min.js to a third-party server, This third-party server hosted a modified version of the JavaScript file with a hardcoded site key. This essentially lets the attacker "steal" hashes from our users.” said Coinhive.

“This third-party server hosted a modified version of the JavaScript file with a hardcoded site key. This essentially let the attacker steal hashes from our users.”

Coinhive said no account information was leaked, and its web and database servers were not accessed.

“The cause of this incident was an unsecured password for our Cloudflare account that was probably leaked with the Kickstarter data breach back in 2014,” said Coinhive

“We have learned hard lessons about security and used 2FA and unique passwords with all services since, but we neglected to update our years-old Cloudflare account.”

Coinhive apologised for the oversight and said it is looking at ways to reimburse users who lost revenue.

“Our current plan is to credit all sites with an additional 12 hours of their the daily average hashrate.”

Join us on Telegram
Powered by Blogger.