Top Alexa Sites Infected With Malicious Coinminers And Web Skimmer

Top Alexa Sites Infected

An investigation was conducted into the top 10,000 Alexa sites. According to this investigation, many of these well-known sites were infected with malicious coinminers and credit card skimming scripts. Palo Alto Networks revealed that many of these popular sites that were receiving lots of Internet traffic were encountering malicious activities from crypto miners and credit card stealing skimmers. The top Alexa sites infected with malicious coinminers and web skimmer.

Top Alexa Sites Infected with Malicious Coinminers And Web Skimmer

Now, we have to understand what a coinminer is. A “coinminer” or a “cryptocurrency miner” is a program that generates Bitcoin, Monero, or any other type of cryptocurrency. Many malware authors utilize these programs to mine cryptocurrency.

Now that we have understood what a coinminer is, let us see what a web skimmer is. It is a malicious program that embeds itself into the payment page of any compromised website. The purpose of a web skimmer is to steal credit card information that users enter in the payment pages of an e-commerce website.

It is to be noted that Palo Alto Networks, Inc. is a multi-national cyber-security company. The severely impacted domains compiled by this company are listed and described here:

Top Alexa sites infected with malicious coinminers and web skimmers:

  • libero[.]it is an Italian website that offers a variety of services, including webmail service, news, search engine, and so on. Palo Alto found out that this site was affected by a malicious coinminer.
  • Pojoksatu[.]id is a news website in Indonesia that was also affected by a malicious coinminer.
  • www[.]heureka[.]cz is one of the largest e-commerce platforms in Eastern and Central European markets and it was affected by a web skimmer.
  • zoombangla[.]com is a news website in Bangladesh that was also severely affected by a malicious coinminer.

Let us now discuss more in detail about the top Alexa sites infected with malicious coinminers and web skimmer.

“Coinhive” was a service that provided Monero (a kind of cryptocurrency) miners. These were JavaScript-based and had the ability to run on web browsers. Owing to the usage of this service by several malicious actors, the service had to shut down. In a blog written by many of Palo Alto Network’s researchers, you can find that there are still a couple of websites that are serving Coinhive’s miner script. One of these websites is coinhive.min.js and the other one is JSEcoin.

A user who visits a website that has already been affected by a cryptominer will be adversely affected. There are lots of people who have visited such compromised websites and have been significantly impacted. Even though the top Alexa sites have stellar brand reputation, they have also become victims of such compromises. So top Alexa sites infected with malicious coinminers and web skimmer

Added to the above, whenever a user visits websites that are infected with such malicious scripts, that person’s CPU usage levels will automatically increase.

Webskimming attacks:

Webskimming attacks are also known as “Magecart attacks.” These are the attacks that steal away the credit card details the users enter on payment pages. Researchers from Palo Alto Networks have discovered that the website heureka.cz that sells many products had some malicious links in its source code. These malicious links were found to be skimming scripts.

The skimming scripts in the source code might seem as if they are leading the user to destinations that are hosted by the heureka.cz. However, these skimming scripts actually redirect the user to malicious websites.

The researchers from Palo Alto Networks advise that users have to be very cautious even while visiting well-known and apparently reputable websites. Such sites will actually generate a lot of income for those attackers who focus on web skimming and malicious coinmining.

This information from the researchers at Palo Alto has arrived at a time when online shopping is at its peak because of the pandemic. Since online shopping will be indispensable now and in the near future, it is the users’ responsibility to stay cautious and protect themselves from these malicious attacks, which prove to be worse than the Corona attack itself!

We have now discussed the top Alexa sites infected with malicious coinminers and web skimmer.