2 min read

Someone hacked Blackberry to steal computing power for mining cryptocurrency [Updated]

Filip TRUȚĂ

January 09, 2018

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Someone hacked Blackberry to steal computing power for mining cryptocurrency [Updated]

Cryptocurrency mining service Coinhive is again in the news for misuse by a customer, this time involving handset maker Blackberry. Apparently, someone hacked into the company”s global operations website and used it to steal visitors” computing power to mine Monero – a digital currency.

Cryptocurrencies like Bitcoin, Ethereum and Monero are digital currencies whose numbers and / or value grows as new transactions are validated by solving complex mathematical problems. Lending your computing power to keep the blockchain alive increases the currency”s value, and also fattens your personal crypto wallet, but only if you can mine quickly enough – which requires immense computing resources, especially for the likes of Bitcoin.

Coinhive sells a cryptocurrency mining tool that allows users to embed it in a desired platform – such as a website – and mine Monero using visitors” computing power. It advertises the tool as a more elegant alternative to displaying intrusive ads. Currently, one Monero unit is valued at around $400.

But there”s a problem with Coinhive. The service is apparently so alluring to fast-buck aficionados that it has become a one-stop-shop for bad actors. The latest such incident was reported on Reddit, where a user nicknamed “Rundvleeskroket” revealed that Blackberry was hacked for cryptocurrency mining.

A friend of Rundvleeskroket discovered the hack, and shared a screenshot of the Blackberry site”s source code where Coinhive is clearly referenced. A spokesperson for Coinhive soon joined the discussion and confirmed that someone indeed had hacked Blackberry, and a number of other sites, and used their tool for the reported nefarious purpose.

“We’re sorry to hear that our service has been misused. This specific user seems to have exploited a security issue in the Magento web shop software (and possibly others) and hacked a number of different sites,” the representative said.

Ironically, Blackberry claims to be offering the “world”s most trusted mobile security software.”

Security vendors, including Bitdefender, classify cryptocurrency miners as malware, and block them. Although Coinhive states that customers should warn their end-users of the practice, many prefer to keep their mining a secret.

The past year has seen several reports of concealed cryptocurrency mining – almost all of them involving Coinhive.

In September last year, The Pirate Bay notably ran what it called a “test pilot program” to see if mining Monero worked as an alternative to displaying ads. A month later, an engineer discovered a hidden cryptocurrency miner inside a popular Google Chrome URL shortening extension.

Oslo-based Opera Software AS recently rolled out a new version of its web browser, featuring an anti-Bitcoin mining tool. Browser extensions serving the same purpose are available for Google Chrome users as well.

Update:

BlackBerryMobile.com is operated by TCL Communication who manufactures, markets and sells BlackBerry Android smartphones globally under a brand licensing agreement with BlackBerry Limited. Soon after this story hit the wires, a Blackberry spokesperson reached out to us to clarify some matters.

“Recently, BlackBerry Limited was alerted by a third party of an exploited security vulnerability affecting the BlackBerryMobile.com site,” the spokesperson said. “Upon notification and our own verification, BlackBerry Limited moved quickly to communicate with our partner at TCL and to temporarily redirect our links to BlackBerryMobile.com to BlackBerry.com pages.

The representative insisted that “At no time was BlackBerry.com compromised,” adding that “TCL has restored a new site with partial content and is collaborating with BlackBerry Limited to harden its site to prevent future cyberattacks.”

tags


Author



Right now

Top posts

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
Cyber Tips for a Spook-Free Halloween

Cyber Tips for a Spook-Free Halloween

October 26, 2022

3 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Hacking cars remotely with just their VIN Hacking cars remotely with just their VIN
Graham CLULEY

December 05, 2022

2 min read
Russian courts attacked by CryWiper malware that poses as ransomware Russian courts attacked by CryWiper malware that poses as ransomware
Graham CLULEY

December 05, 2022

2 min read
Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts
Silviu STAHIE

December 02, 2022

1 min read