The operator of the BlackBerry mobile site, TCL Communication Technology Holding Ltd, has discovered that they are hit by a cryptocurrency miner. Cryptocurrency mining software has been secretly put on apps and websites so that it can use the device’s CPU power without users knowledge and it seems there is another victim.
A Reddit user discovered that the BlackBerry Mobile website had been hijacked last week. The website was made to serve code to its users and visitors from the notorious Coinhive. Coinhive is a cryptocurrency miner used to mine the currency Monero. However, according to the Reddit user, the website hijack was only limited to the TCL owned Blackberrymobile.com website. Country-specific sites of the company and those owned by BlackBerry Ltd are not affected.
Coinhive confirmed on Reddit that one of its users had allegedly managed to hack the BlackBerry mobile website and put the code there. The user had used the Magento web-shop software vulnerability to hack into the website. The company wrote that they were sorry to hear about the misuse of their services and related how the user had managed to hack into the BlackBerry website. They also noted that they had terminated the account in question because it violated its terms of service and that the user had also affected a number of different sites.
The crypto-mining code for Monero and other virtual currencies has been doing the rounds on the internet. TLC is not the first victim neither will they be last if the current trend continues. The first bouts of the crypto related mining hacks first came out back in September 2017. Pirate Bay, Showtime and Starbucks websites were some of the first places to be hit. Cryptocurrency gained so much popularity and fame in 2017 that hackers tried to cash in on the phenomenon. According to a RiskIQ report done back in September, they discovered that there were more than a thousand websites which were hijacking CPU power of visitors to mine for the cryptocurrency.
In October, CloudFlare banned all websites that were equipped with the software from their services. Later that month, the code started showing up on apps particularly the Android apps. From then on, the phenomenon has grown with time. Just last weekend, a security researcher discovered at least 291 apps which had the cryptocurrency mining software on them.
The incident which was reported on HackRead, shows that Android users are now the biggest group at risk of the mining software. Users are as always advised to download apps from reputable sources, and to keep updated devices at all times. Cryptocurrency miners trigger some high CPU usage, therefore users can check the processing speed and usage too.