jQuery’s Official Blog Hacked, Hackers Compromise CoinHive’s DNS

0

jQuery, a cross-platform JavaScript library used by millions of websites, was recently hacked by hackers using the pseudonym “str0ng” and “n3tr1x”.

But the library was not touched, and it is a good news because millions of websites directly use jQuery script hosted by jQuery server, and the hack could have put billions of users at risk of malware attacks.

This message was available on http://blog.jquery.com/2017/10/26/hacked/; however, it was later removed.

According to the experts, the hackers may have used a leaked password from a data dump, or they might have used Zero-Day vulnerability in the server or the WordPress itself.

Three years ago jQuery website was hacked and its visitors were redirected to RIG exploit kit, but again, the files or the libraries were not modified.

jQuery is not the only high profile platforms whose security was compromised.

The DNS of CoinHive, a firm that provides cryptocurrency miner written in Javascript, was hijacked to mine cryptocurrency on thousands of websites after a hacker was able to compromise CloudFlare account for CoinHive allowing them to modify its DNS servers and replace Coinhive’s official JavaScript code on thousands of website with a malicious one.

CoinHive team, acknowledging the hack, claimed the attacker used a password, which was leaked in Kickstarter breach back in 2014, to hijack their CloudFlare account.


Anonymous recommends: Click Here To Surf & Download Anonymously, Protect Yourself From Any Hackers Or Spy Agencies And Get Around Censorship Filters

Click here to follow us on steemit.com, the decentralized social media platform with no censorship and get paid for your posts, likes and comments!

 
SHARE

LEAVE A REPLY

Please enter your comment!
Please enter your name here