This article was published on November 19, 2018

Hackers infect official Make-A-Wish site with cryptocurrency mining malware

Even charities aren't off-limits for crypto-jackers.

Hackers infect official Make-A-Wish site with cryptocurrency mining malware
Neer Varshney
Story by

Neer Varshney

Former TNW writer

It seems crypto-jackers have absolutely no ethical standards. After governments, universities, and technology giants, even charitable organizations are finding themselves at the receiving end of cryptocurrency malware. The latest victim is the US-based Make-A-Wish Foundation.

Researchers from security firm Trustwave found that one of the foundation’s websites – – was compromised with cryptocurrency malware known as CoinImp. The malware infects the website with a malicious script to steal visitors’ computing power to covertly mine cryptocurrency.

A screenshot of Make-A-Wish Foundation’s website showing the CoinImp mining script. Source: TrustWave.

The researchers note the origin of the malware is likely Make-A-Wish’s decision to use an outdated version of Drupal’s content management system.

Earlier this year, researchers reported hackers had targeted nearly 100,000 Drupal sites as part of a malware campaign that later became popular as “Drupalgeddon 2.” Trustwave suspects the Drupalgeddon hackers might be responsible for the attack on Make-A-Wish too.

According to Trustwave, the mining script has since been removed from the Make-A-Wish website.

Crypto-jacking scripts have become a menace over the past year, infecting websites all across the globe.

Hackers were able to exploit 400 prominent websites using outdated versions of Drupal, including those of the US National Labor Relations Board (NLRB), Chinese tech company Lenovo, Taiwanese network hardware maker D-Link, and the University of California, Los Angeles (UCLA).

It’s not only Drupal sites at risk though. More than 300,000 routers in India and Brazil were found to be infected with cryptocurrency mining malware earlier this year.

A research conducted by McAfee Labs found that more that 2.5 million new cryptojacking scripts were installed just in the second quarter of 2018.

It’s worth pointing out that mining scripts aren’t always planted by hackers. Charities, including Unicef and, used it on volunteer-basis to raise money for their initiatives — although critics raise doubts on its effectiveness.

If you’re concerned about your computer being unscrupulously used to mine cryptocurrencies, here’s a handy guide on how to stop it.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Back to top