Coinhive miner DNS hacked

Monero mining framework Coinhive’s DNS records have been accessed and manipulated by attackers.

“The DNS records for coinhive.com have been manipulated to redirect requests for the coinhive.min.js to a third-party server,” said Coinhive.

“This third-party server hosted a modified version of the JavaScript file with a hardcoded site key. This essentially let the attacker steal hashes from our users.”

Coinhive said no account information was leaked, and its web and database servers were not accessed.

“The cause for this incident was an unsecure password for our Cloudflare account that was probably leaked with the Kickstarter data breach back in 2014,” said Coinhive.

“We have learned hard lessons about security and used 2FA and unique passwords with all services since, but we neglected to update our years-old Cloudflare account.”

Coinhive apologised for the oversight and said it is looking at ways to reimburse users who lost revenue.

“Our current plan is to credit all sites with an additional 12 hours of their the daily average hashrate.”

Now read: Cloudflare bans sites with secretly-embedded cryptocurrency miners

Latest news

Partner Content

Show comments

Recommended

Share this article
Coinhive miner DNS hacked