Hackers Harnessed Ghost Servers for Mining Cryptocurrency


Popular blogging platform Ghost and tech firms LineageOS and Digicert were the latest victims of cryptomining attacks, a kind of malware that harnessed their computing powers for mining cryptocurrencies.

Ghost confirmed it had been hacked as attackers abused the vulnerabilities in popular infrastructure tool Salt and gained access to the Ghost (Pro) sites and Ghost.org billing services.

The Most Diverse Audience to Date at FMLS 2020 – Where Finance Meets Innovation

The open-source platform, which has more than 2 million installs and 750,000 registered users, said its developers quickly detected flaws in the Salt configuration management framework. The mining attempt spiked CPUs and quickly overloaded most of their systems, which alerted us to the issue immediately.

Ghost, which counts big names customers such as Mozilla, NASA, and DuckDuckGo, said customer information and user credentials weren’t infiltrated during the incident.

“All traces of the crypto-mining virus were successfully eliminated yesterday, all systems remain stable, and we have not discovered any further concerns or issues on our network. The team is now working hard on remediation to clean and rebuild our entire network,” the company said on its status page.

The developer of Salt, Saltstack, has introduced two updates to address the vulnerabilities in its tool, which is widely used by data centers and in cloud-based environments for server configuration and monitoring.

Ghost’s cloud isn’t the first to be hacked by cryptocurrency miners. Several businesses and government agencies have fallen victim to cryptojacking attacks over the past few years.

Virginia-based bank Capital One revealed in July that more than 100 million of its customers had their personal data exposed in a hack. The hack also affected 6 million in Canada, and the leaked data was used for hijacking the resources of comprised machines to solve mathematical problems and collect cryptocurrency rewards.

Cryptojacking, which is also known as cryptomining malware or coinjacking, has become a rampant practice. As Finance Magnates previously reported, instances of such malware have shot up over the last two years, leading commentators to warn of an epidemic.

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like