Monero mining framework Coinhive’s DNS records have been accessed and manipulated by attackers.
“The DNS records for coinhive.com have been manipulated to redirect requests for the coinhive.min.js to a third-party server,” said Coinhive.
Coinhive said no account information was leaked, and its web and database servers were not accessed.
“The cause for this incident was an unsecure password for our Cloudflare account that was probably leaked with the Kickstarter data breach back in 2014,” said Coinhive.
“We have learned hard lessons about security and used 2FA and unique passwords with all services since, but we neglected to update our years-old Cloudflare account.”
Coinhive apologised for the oversight and said it is looking at ways to reimburse users who lost revenue.
“Our current plan is to credit all sites with an additional 12 hours of their the daily average hashrate.”