Blackberry site was compromised with Monero-mining malware

by Julie Splinters - - 2018-01-09

Reddit user finds a Coinhive script added to the Blackberry's site code

Blackberry mobile site is hacked with Coinhive cryptocurrency miner

TCL Communication Technology Holding, the owner of Blackberry brand, was informed that the official website is serving its visitors with Coinhive cryptocurrency miner which helps to generate Monero digital currency for the criminals^[1].

Reddit user has uploaded the fraction of the script which is particularly designed to exploit more than 50% of user's CPU power on www.blackberrymobile.com website.

According to the analysis, only the global site is affected. Likewise, those who browse on country-specific pages will not be infected with a stealth Monero-mining malware^[2] while the website is open. Unfortunately, Blackberry has not made the official statement yet.

The hacker has exploited a vulnerability in Magento Web Shop software

In contrary to the authorities of the Blackberry, Coinhive has replied to the Reddit user saying that a particular user has managed to take advantage of the vulnerability found in Magento Web Shop software.

He/She might have hacked multiple websites to infuse the crypto-mining script and generate illegal profits from unsuspecting site visitors. Coinhive apologizes for the misusage of their services with the following message^[3]:

We're sorry to hear that our service has been misused. This specific user seems to have exploited a security issue in the Magento web shop software (and possibly others) and hacked a number of different sites.

Additionally, they point out that the suspect's account has been disabled and they are investigating the violation of their Terms of Service^[4]:

You may only implement Coinhive into websites, services or apps for which you have the authorization to do so. If you implement Coinhive on websites you have “hacked” we will terminate your account.

Crypto-mining becomes the alternative to advertising

Coinhive has introduced new service for website owners — similarly to advertising, they can append scripts to monetize their business using visitors' CPU power. According to the experts, there has been a 34% increase in web-based mining with mobile apps which infuse the miner's code.

However, not only hackers use not such fair methods to generate profits — Pirate Bay was caught not fully disclosing the information about the mining script which was present on their website.

In fact, many inexperienced computer users might be unable to detect that their CPU power is being exploited as a charge for site's content. Although, as time passes this controversial process cannot leave unnoticed^[5]:

The mining process can start quickly and quietly in the browser without anybody noticing, unless insufficient throttling is used, in which case the CPU load may max out during the users' session, which would be an easy telltale for end users to spot.

About the author

Julie Splinters - Malware removal specialist

Julie Splinters is the News Editor of 2-spyware. Her bachelor was English Philology.

Contact Julie Splinters
About the company Esolutions

References

^ Tara Seals. Monero Crypto-Mining Invades BlackBerry Mobile Site. Infosecurity Magazine. Information Security & IT Security New.
^ Lucia Danes. Monero Miner. How to remove? (Uninstall guide). 2Spyware. Security and Spyware News.
^ Official BlackBerry Mobile site uses coinhive to mine monero in your browser. Reddit. the front page of the internet.
^ Terms of Service. Coinhive. Monero JavaScript Mining.
^ Hon Lau. Browser-Based Cryptocurrency Mining Makes Unexpected Return from the Dead. Symantec. Global Leader In Next-Generation Cyber Security.