Bad Packets Report is featured, cited, or mentioned in the following publications.
AT&T ThreatTraq – Vulnerability in Cisco RV320, RV325 Routers
CTV News – Raising The Alarm About Cryptojacking
The Wall Street Journal – Your Computer May Be Making Bitcoin for Hackers
The Washington Post – Hackers have turned Politifact’s website into a trap for your PC
The Washington Post – Salon.com wants to use your PC to mine cryptocurrency
Krebs on Security – Website Flaw Let True Health Diagnostics Users View All Medical Records
Krebs on Security – Who and What Is Coinhive?
Krebs on Security – Who’s Behind the Screencam Extortion Scam?
Krebs on Security – Alleged ‘Satori’ IoT Botnet Operator Sought Media Spotlight, Got Indicted
Krebs on Security – Crypto Mining Service Coinhive to Call it Quits
Krebs on Security – Booter Boss Interviewed in 2014 Pleads Guilty
WIRED – Your Browser Could Be Mining Cryptocurrency For a Stranger
WIRED – Hackers Hit Make-A-Wish Website With Cryptojacking Scheme
WIRED – Nationwide Bomb Threats Look Like A New Spin On An Old Bitcoin Scam
WIRED – When Facebook Goes Down, Don’t Blame Hackers
Forbes – Hackers Are Targeting D-Link Home Routers: Here’s How To Secure Yours
Forbes – Gmail, Netflix and PayPal Users Targeted In DNS Hijacking Campaign
ZDNet – Thousands of etcd installs are leaking secret server keys online
ZDNet – Over 115,000 Drupal sites still vulnerable to critical flaw
ZDNet – MikroTik routers enslaved in massive Coinhive cryptojacking campaign
ZDNet – A mysterious grey-hat is patching people’s outdated MikroTik routers
ZDNet – Cybercrime and malware, 2019 predictions
ZDNet – Hackers ramp up attacks on mining rigs before Ethereum price crashes into the gutter
ZDNet – Chinese websites have been under attack for a week via a new PHP framework bug
ZDNet – Over 19,000 Orange modems are leaking WiFi credentials
ZDNet – Hackers are going after Cisco RV320/RV325 routers using a new exploit
ZDNet – It took hackers only three days to start exploiting latest Drupal bug
ZDNet – Coinhive cryptojacking service to shut down in March 2019
ZDNet – Operator of eight DDoS-for-hire services pleads guilty
ZDNet – Hackers have started attacks on Cisco RV110, RV130, and RV215 routers
ZDNet – New Mirai malware variant targets signage TVs and presentation systems
ZDNet – Cisco bungled RV320/RV325 patches, routers still exposed to hacks
ZDNet – Hacker group has been hijacking DNS traffic on D-Link routers for three months
ZDNet – Backdoor code found in popular Bootstrap-Sass Ruby library
Associated Press – How your smart fridge might be mining bitcoin for criminals
BBC – Salon magazine mines crypto-cash with readers’ PCs
BBC – Vision Direct hack puts customers’ money at risk
Ars Technica – Now even YouTube serves ads with CPU-draining cryptocurrency miners
Ars Technica – Thousands of servers found leaking 750MB worth of passwords and keys
Ars Technica – Drupal warns of new remote-code bug, the second in four weeks
Ars Technica – Hundreds of big-name sites hacked, converted into drive-by currency miners
Ars Technica – Three months later, a mass exploit of powerful Web servers continues
Ars Technica – Ongoing DNS hijackings target unpatched consumer routers
Fortune – Popular Google Chrome Extension Caught Mining Cryptocurrency on Thousands of Computers
TechCrunch – Cryptojacking malware was secretly mining Monero on many government and university websites
TechCrunch – Vision Direct reveals breach that skimmed customer credit cards
Global News – Slow phone or computer? How to avoid getting ‘cryptojacked’
CBC News – ‘Cryptojacking’ hacker trend turns Canadians into cryptocurrency miners
Daily Mail – Facebook says ‘server configuration change’ to blame for its biggest EVER blackout
PC Magazine – Political Fact-Checking Site Hacked to Mine Cryptocurrency
PC Magazine – Coinhive Tries to Appease Critics With Opt-in Crypto Miner
PC Magazine – Why Hackers Love Cryptocurrency Miner Coinhive
PC Magazine – Chrome Extension Hacked to Secretly Mine Cryptocurrency
PC Magazine – Cryptocurrency Miner invades 4,000 Sites Via Third-Party Tool
PC Magazine – Can Cryptocurrency Mining Save The Media Industry?
PC Magazine – 400 Websites Secretly Served Cryptocurrency Miners to Visitors
PC Magazine – 200K MikroTik Routers Exploited to Serve Cryptocurrency Miner
PC Magazine – Coinhive Cryptocurrency Mining Service to Shut Down
Threatpost – Cryptojacking Attack Found on Los Angeles Times Website
Threatpost – Ad Network Circumvents Ad-Blocking Tools To Run In-Browser Cryptojacker Scripts
Threatpost – Rarog Trojan ‘Easy Entry’ For New Cryptomining Crooks, Report Warns
Threatpost – Muhstik Botnet Exploits Highly Critical Drupal Bug
Threatpost – Cryptojacking Campaign Exploits Drupal Bug, Over 400 Websites Attacked
Threatpost – Drupalgeddon 2.0 Still Haunting 115K+ Sites
Threatpost – Newsmaker Interview: Troy Mursch on Why Cryptojacking Isn’t Going Away
Threatpost – Huge Cryptomining Attack on ISP-Grade Routers Spreads Globally
Threatpost – Thousands of MikroTik Routers Hijacked for Eavesdropping
Threatpost – VisionDirect Blindsided by Magecart in Data Breach
Threatpost – Newsmaker Interview: Troy Mursch on Top Botnet Trends
Threatpost – 19K Orange Livebox Modems Open to Attack
Threatpost – Active Scans Target Vulnerable Cisco Routers for Remote Code-Execution
Threatpost – Hackers Abuse Google Cloud Platform to Attack D-Link Routers
Threatpost – New Mirai Samples Grow the Number of Processors Targets
The Next Web – CBS’s Showtime caught secretly stealing visitors’ CPU power to mine cryptocurrency
The Next Web – Researcher finds 50,000 sites infected with cryptocurrency mining malware
The Next Web – Google Play is hosting a disturbing amount of cryptocurrency malware
The Next Web – UNICEF wants your CPU power to mine cryptocurrency for children in Bangladesh
The Next Web – Nearly 400 Drupal sites infected with malware that secretly mines cryptocurrency
The Next Web – The US-China Association of Commerce site is running cryptocurrency mining malware
The Next Web – 200,000 routers in Brazil were secretly hijacked to mine cryptocurrency
The Next Web – Browser mining is generating over $250K worth of cryptocurrency every month
The Next Web – Twitter is now recommending users follow cryptocurrency scambots
The Next Web – Google Play promised to ban cryptocurrency mining apps, but we found tons
The Next Web – 30 days after the ban, Google Play still hosts cryptocurrency mining apps
The Next Web – The crypto-jacking epidemic continues, 280K infected routers detected to date
The Next Web – Monero slams crypto-jackers after mining malware hits government sites
The Next Web – Crypto-jacking epidemic spreads to 30K routers across India
The Next Web – 415,000 routers worldwide hijacked to secretly mine cryptocurrency
The Telegraph – Cryptojacking: The hackers mining digital currencies from your computer
The Register – CBS’s Showtime caught mining crypto-coins in viewers’ web browsers
The Register – Real Mad-quid: Murky cryptojacking menace that smacked Ronaldo site grows
The Register – More and more websites are mining crypto-coins in your browser to pay their bills, line pockets
The Register – Pulitzer-winning website Politifact hacked to mine crypto-coins in browsers
The Register – Mirai, Mirai, pwn them all, who’s the greatest botnet on the whole?
The Register – What do Vegas hookers, Colombian government, and 30,000 other sites have in common? Crypto-jacking miners
The Register – Crypto-jackers enlist Google Tag Manager to smuggle alt-coin miners
The Register – Guys, you’re killing us! LA Times homicide site hacked to mine crypto-coins on netizens’ PCs
The Register – Opt-in cryptomining script Coinhive ‘barely used’ say researchers
The Register – Cluster-f*ck! Etcd DBs spaff passwords, cloud keys to world by default
The Register – That Drupal bug you were told to patch weeks ago? Cryptominers hope you haven’t bothered
The Register – OMG, that’s downright Wicked: Botnet authors twist corpse of Mirai into new threats
The Register – Drupal drisputes dreport of widespread wide-open websites
The Register – Japanese Coinhive JS injector slapped with suspended sentence
The Register – Why is my cheapo Android red hot and switching off Wi-Fi?
The Register – Sextortion scum armed with leaked credentials are persistent pests
The Register – Miscreants sweep internet for unpatched Cisco kit, fears over bugged Chinese parts, Roger Stone nabbed…
Bleeping Computer – The Internet Is Rife With In-Browser Miners and It’s Getting Worse Each Day
Bleeping Computer – Cryptojacking Craze: Malwarebytes Says It Blocks 8 Million Requests per Day
Bleeping Computer – Cookie Consent Script Drops In-Browser Cryptocurrency Miner
Bleeping Computer – Cryptojacking Script Found in Live Help Widget, Impacts Around 1,500 Sites
Bleeping Computer – Mirai Activity Picks up Once More After Publication of PoC Exploit Code
Bleeping Computer – Cryptojackers Found on Starbucks WiFi Network, GitHub, Pirate Streaming Sites
Bleeping Computer – Chrome Extension with 100,000 Users Caught Pushing Cryptocurrency Miner
Bleeping Computer – Using the Chrome Task Manager to Find In-Browser Miners
Bleeping Computer – Firefox Working on Protection Against In-Browser Cryptojacking Scripts
Bleeping Computer – Unicef’s TheHopepage May Be the First Good Use of In-Browser Mining
Bleeping Computer – Drupal Sites Fall Victims to Cryptojacking Campaigns
Bleeping Computer – Google Agrees to Pay $11 Million to Owners of Suspended AdSense Accounts
Bleeping Computer – Two Months Later, Over 115,000 Drupal Sites Still Vulnerable to Drupalgeddon 2
Bleeping Computer – You Can File Complaints About Cryptojacking With the FTC
Bleeping Computer – Massive Coinhive Cryptojacking Campaign Touches Over 200,000 MikroTik Routers
Bleeping Computer – Coinhive Raking In Over $250,000 per Month From In-Browser Cryptomining
Bleeping Computer – Mirai IoT Malware Uses Aboriginal Linux to Target Multiple Platforms
Bleeping Computer – Over 3,700 MikroTik Routers Abused In CryptoJacking Campaigns
Bleeping Computer – VisionDirect Data Breach Caused by MageCart Attack
Bleeping Computer – Orange LiveBox Modems Targeted for SSID and WiFi Info
Bleeping Computer – Hackers Targeting Cisco RV320/RV325 Routers Using New Exploits
Bleeping Computer – Coinhive In-Browser Cryptomining Service Shuts Down on March 8
Bleeping Computer – Cisco Botches Fix for RV320, RV325 Routers, Just Blocks ‘curl’ User Agent
The Verge – Popular ‘cryptojacking’ service Coinhive will shut down next week
International Business Times – Hackers covertly hide code on Politifact to hijack your PC, secretly mine cryptocurrencies
International Business Times – Popular Chrome extension with over 105,000 users found secretly mining cryptocurrency
International Business Times – Salon to readers: Let us use your PC to mine cryptocurrency in exchange for an ad-free website
International Business Times – Mozilla Firefox Will Block Cryptocurrency Mining Malware Scripts From Web Browser
Newsweek en Español – SEP, UNAM y la Liga MX, fueron intervenidas para generar dinero con un código malicioso (SEP, UNAM and Liga MX, were intervened to generate money with a malicious code)
The Hacker News – Over 115,000 Drupal Sites Still Vulnerable to Drupalgeddon2 Exploit
The Hacker News – Hackers Infect Over 200,000 MikroTik Routers With Crypto Mining Malware
The Hacker News – New Exploit Threatens Over 9,000 Hackable Cisco RV320/RV325 Routers Worldwide
Avast Blog – MikroTik mayhem: Cryptomining campaign abusing routers
Avast Blog – The End of Coinhive; The end of cryptojacking?
Marion Star – Researcher: Marion website was infected, site visitors exploited for digital money
La Stampa – Truffe, crimini e ricatti online: dove nascono, come funzionano e perché sono difficili da fermare (Scams, crimes and blackmail online: where they are born, how they work and why they are difficult to stop)
La Stampa – Qualcuno potrebbe minare criptovalute col tuo browser, ecco come funziona il fenomeno (Someone could Mine cryptocurrencies with your browser, here’s how the phenomenon works)
TechRepublic – L.A. Times website injected with Monero cryptocurrency mining script
TechRepublic – Drupalgeddon 2 wreaking havoc on 900+ sites because IT still hasn’t applied updates
Tripwire – LA Times homicide website throttles cryptojacking attack
Infosecurity Magazine – LA Times Hit with Crypto-Mining Software
Infosecurity Magazine – Crypto Crime: Hunting for Cryptocurrency Mining in Your Enterprise (Webinar)
Infosecurity Magazine – Nearly 20,000 Orange Modems Leaking Wi-Fi Passwords
Infosecurity Magazine – Attackers Target Home Routers with DNS Hijacking
Help Net Security – Compromised MikroTik routers power extensive cryptojacking campaign
Help Net Security – Cisco botched patches for its RV320/RV325 routers
Help Net Security – Consumer routers targeted by DNS hijacking attackers
BankInfoSecurity – Cryptojacking: Mitigating the Impact
BankInfoSecurity – Hacked MicroTik Routers Serve Cryptocurrency-Mining Malware
BankInfoSecurity – Magecart Spies Payment Cards From Retailer Vision Direct
BankInfoSecurity – Hackers Target Fresh Drupal CMS Flaw to Infiltrate Sites
The Daily Swig – Google begins enforcing JavaScript for logins
The Daily Swig – Vision Direct poked in the eye by credit card breach
Naked Security – Unsecured AWS led to cryptojacking attack on LA Times
Naked Security – Shodan and passwords sitting in a tree, S-H-O-W-I-N-G!
CoinDesk – ‘Cryptojacking’ Software Attack Hits Hundreds of Websites
Liftr News – Report: Cryptojacking Trend Hits LA Times
Security Now! – Episode #662 – Drupal Sites Fall Victims to Cryptojacking Campaigns
Security Now! – Episode #667 – Drupalgeddon2 appears to be a fixture of the Internet
Security Now! – Episode #699 – Over 9,000 Cisco RV320/RV325 routers are vulnerable to CVE-2019-1653
DataBreachToday – Cryptocurrency Miners Exploit Widespread Drupal Flaw
DataBreachToday – Websites Still Under Siege After ‘Drupalgeddon’ Redux
DataBreachToday – Cryptojackers Keep Hacking Unpatched MikroTik Routers
Dark Reading – Cryptojacking Threat Continues to Rise
Dark Reading – 5 Steps to Fight Unauthorized Cryptomining
Dark Reading – Cisco Router Vulnerability Gives Window into Researchers’ World
Dark Reading – Ongoing DNS Hijack Attack Hits Consumer Modems and Routers
New Scientist – You may be making cryptocurrency for hackers without realising
Techdirt – Covert Cryptocurrency Miners Quickly Become A Major Problem
Techdirt – Cryptocurrency Mining Company Coinhive Shocked To Learn Its Product Is Being Abused
Business Insider – A hacker has been using the Los Angeles Times’ website to mine the cryptocurrency Monero
Business Insider – If your computer has slowed, you might be mining crypto coins for someone else — here’s how to stop it
CSO – What is cryptojacking? How to prevent, detect, and recover from it
CSO – How to detect and prevent crypto mining malware
CSO – Don’t Let Your Website Become A Crypto Goldmine For Hackers
CSO – Cisco business routers targeted after patch, at least 9,000 vulnerable
WeLiveSecurity – US and UK government websites hijacked to mine cryptocurrency on visitors’ machines
WeLiveSecurity – Coinhive cryptocurrency miner to call it a day next week
BTCMANAGER – Cryptojacking Strikes Again! Hackers Target Government Websites to Mine Monero
BTCMANAGER – Monero Mikrotik Madness: Carrier-Grade Cryptojacking Scheme
BTCMANAGER – Hackers Unfazed by Crypto Price Crash as they Double Down on Wallet Attacks
Mashable – Chrome extension is secretly mining cryptocurrency
Motherboard – ‘One of the Biggest’ Coinhive Users Made $7.69 In 3 Months
SC Media – Cryptojacking campaign hits 400 Drupal-based sites, many run by governments and universities
SC Media – 2018 – The year that was: Top Cyberthreats
SC Media – Attackers scanning unpatched Cisco small business routers after exploit code published
SC Media – Cisco may have released a faulty patch in most recent update
SC Media – Cybercriminals launch attacks on home routers via Google Cloud Platform
SecurityIntelligence – Does the Rise of Crypto-Mining Malware Mean the End of Ransomware?
TechTarget – New cloud threats as attackers embrace the power of cloud
HackRead – After The Pirate Bay, Showtime Websites Also Found Mining Cryptocoins
HackRead – Chrome Extension with 105,000 installs is a Cryptocurrency Miner
HackRead – Hackers are using YouTube Ads to Mine Monero Cryptocurrency
HackRead – LA Times website hacked to mine Monero cryptocurrency
HackRead – Cryptojacking campaign hits 400 Drupal-based sites, many run by governments and universities
HackRead – The Pirate Bay is silently mining cryptocurrency without user consent
HackRead – VisionDirect hacked: Hackers infect domains with malicious Google Analytics code
Security Boulevard – 5 Cryptojacking Consequences CISOs Can’t Ignore
Security Boulevard – Coinhive to shut down all its cryptojacking services on March 8!
Security Boulevard – Cisco merely blacklisted a curl instead of actually fixing the vulnerable code for RV320 and RV325
SmarterMSP – Threat Watch: Cryptojacking
Tom’s Hardware – Showtime Uses Online Viewers’ CPUs To Mine Cryptocurrency
Tom’s Hardware – The Rise Of Cryptojacking And How To Stop It
Gizmodo en Español – Es una plaga: Movistar infecta “por error” su propia web para minar criptomonedas a través de sus usuarios (It’s a plague: Movistar infects its own website “by mistake” to mine cryptocurrencies through its users)
CriptoNoticias – “No hay que tomarse los mineros web a la ligera” asegura Troy Mursch, investigador de ciberseguridad (We shouldn’t take web miners lightly,” says Troy Mursch, cybersecurity researcher.)
CriptoNoticias – Página web de Movistar España minaba monero de sus usuarios con Coinhive (Movistar Spain web page mines Monero from its users with Coinhive)
Inverse – Chrome Extension Secretly Used People’s Computers to Mine Cryptocurrency
Inverse – Tesla Latest Victim of Cryptojacking Attack, and More Could Come Soon
Inverse – Cryptojacking Attacks Continue as “Los Angeles Times” Falls Prey to Hackers
Inverse – Why This Cryptocurrency Mining Calendar App Wasn’t Such a Great Idea
Heise online – Chrome-Extension Archive Poster sammelt heimlich Kryptowährung (Chrome Extension Archive Poster secretly collects cryptocurrency)
Heise online – Drupal-Lücken: Lenovo versäumt Webseiten-Update und fängt sich Krypto-Miner ein (Drupal Gaps: Lenovo fails website update and captures crypto-miner)
Heise online – Jetzt patchen! Angreifer machen Jagd auf Cisco-Router (Patch now! Attackers hunt down Cisco routers)
Golem.de – Proxy-Server fügen Kryptominer ein (Proxy servers add cryptominer)
Cointelegraph – ‘Attack Or Business Opportunity?’: Academics Question Ethics Of Coinhive Cryptojacking
Cointelegraph – Coinhive Code Found On 300+ Websites Worldwide In Recent Cryptojacking Campaign
Cointelegraph – Report: Number of Routers Affected by Crypto Malware Doubled Since August, Reaching 415K
Security Affairs – A new Mirai variant is rapidly spreading, around 100,000 IPs running the scans in the past 60 hours
Security Affairs – Over 115,000 Drupal Sites still vulnerable to Drupalgeddon2, a gift to crooks
Security Affairs – Thousands of unpatched MikroTik Routers are involved in new cryptocurrency mining campaigns
Security Affairs – Over 19,000 Orange Livebox ADSL modems leak WiFi credentials
Security Affairs – Hackers are targeting Cisco RV320/RV325, over 9K routers exposed online
Security Affairs – Initial fixes for Cisco RV320 and RV325 routers were incomplete
Security Affairs – DNS hijacking campaigns target Gmail, Netflix, and PayPal users
BizTech – How Cryptojacking Could Harm Your IT Environment
ExtremeTech – Showtime Caught Mining Cryptocurrency With Viewers’ PCs
Complex – Showtime’s Website Might Have Been Hacked to Mine Cryptocoin