Sucuri has reported seeing several new infections of WordPress sites by Minr cryptocurrency-mining malware.
Minr uses almost all the CPU power of a victim’s PC to mine Monero for the attackers.
This follows a Wikipedia editor reviewing sources added to a Wikipedia entry which linked to a site infected with the malware at the start of February.
Sucuri said it is seeing a variety of “creative approaches” by malware authors to infect websites with cryptocurrency mining scripts.
Examples include CoinHive injections, hidden iframes within public repositories on GitHub, infections in Drupal and Magento, and the use of old infections to distribute mining malware.
“To protect your web assets from the creativity of bad actors… employ file integrity monitoring on your websites,” said Sucuri.
“This will help you detect malware injection, spam, defacements, database errors, and downtime.”