• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 20th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security

Critical Vulnerability in Drupal CMS Used for Cryptomining

April 14th, 2018 Uzair Amir Security 0 comments
Critical Vulnerability in Drupal CMS Used for Cryptomining
Share on FacebookShare on Twitter

For your information, Drupal is also an open-source content management system (CMS) just like WordPress and is used by over a million websites across the globe. Drupal seems to be a top pick for governments and financial sector.

[squaread][/squaread]

However, reports suggest that Drupal contained a highly critical vulnerability that allowed remote hackers full control of a website. Users were kept unaware of this flaw until the company released a patch to address the issue.

Now, IT security researchers at Checkpoint have openly disclosed the vulnerability to the public, leaving site admins scratching their heads.

Dubbed as Drupalgeddon2, the vulnerability was so serious that it can be used for installation of cryptocurrency miners to mine for Monero cryptocurrency.

Drupal’s security team addressed the issue last month and released the patch, which admins who use Drupal to run websites are advised to install as quickly as possible. Researchers also released a proof-of-concept exploit for the flaw, which demonstrates that attackers can easily gain complete control of a website using the vulnerability.

We haven’t observed hackers wasting time in exploiting any kind of vulnerability until now and in this case too they have been rather quick on exploiting Drupalgeddon2. Attacks have already been initiated and attackers are installing cryptominers. An excerpt from a thread on SANS ISC Infosec forums confirms this as well.

The exploits are being launched at a rapid pace currently. Naturally, security experts and website owners are quite concerned. The tweet from GoDaddy’s VP of Engineering clearly shows this unrest among web owners. The Tweet reads:

1/2 It's been ~24 hours since the release of a public exploit for the Drupal RCE (CVE-2018-7600) https://t.co/1tfpH08Ohb

We are seeing 150 different IP addresses scanning and trying to exploit every Drupal site behind our network. If you didn't patch, consider yourself hacked.

— Daniel Cid (@danielcid) April 13, 2018

The only possible solution at the moment is to install the patch immediately.

A PSA was also published by Drupal’s team stating that the company was already aware of the attacks that are being launched to compromise Drupal 7 and 8 websites. The vulnerability has been classified as CVE-2018-7600 whereas the security risk score of the issue is increased to 24/25.

If your website remains unpatched by 11th April 2018, it is at the risk of compromising. Quite possibly, targeted attacks were already launched before the release of the patch. It is also to be noted that just by updating Drupal, you cannot remove backdoors and also cannot fix already compromised websites.

In fact, if you think that your website is patched while you didn’t patch it yourself then this indicates the site has been compromised. That’s possible because in some previous attacks it was noted that attackers themselves applied the patch to ensure that the site remained in their control.

  • Tags
  • CMS
  • Cryptocurrency
  • Cryptomining
  • Drupal
  • hacking
  • internet
  • Monero
  • security
  • Vulnerability
  • Wordpress
Facebook Twitter LinkedIn Pinterest
Previous article Website security firm Sucuri hit by large scale volumetric DDoS attacks
Next article New malware mine cryptocurrency without open browser session
Uzair Amir

Uzair Amir

I am an Electronic Engineer, an Android Game Developer and a Tech writer. I am into music, snooker and my life motto is 'Do my best, so that I can't blame myself for anything.'

Related Posts
X-rated social media app Fleek exposed explicit photos of users

X-rated social media app Fleek exposed explicit photos of users

Top Tips to Upscale Your Netflix Security Instantly

Top Tips to Upscale Your Netflix Security Instantly

'Child's Play' - Kids breach and bypass Linux Mint screensaver lock

'Child's Play' - Kids breach and bypass Linux Mint screensaver lock

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Hackers compromised IObit forum to spread DeroHE ransomware
Hacking News

Hackers compromised IObit forum to spread DeroHE ransomware

60
X-rated social media app Fleek exposed explicit photos of users
Leaks

X-rated social media app Fleek exposed explicit photos of users

83
Top learning management system (LMS) software for small businesses
Technology News

Top learning management system (LMS) software for small businesses

584

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us