LA Times Hit by Cryptojacking, Hacker Leaves Friendly Note

A cheeky hacker not only hijacked the LA Times' code to get its visitors to mine cryptocurrencies but also left a friendly note telling the newspaper it should update its cloud storage settings.

Cryptocurrency-related hacking is all the rage these days. It’s like a gold rush, except instead of marauders, we now have hackers that mine coins using unwitting victims’ systems.

This time, the Los Angeles Times got hit by an attack in which its Amazon S3 bucket (a platform used to store data) was hijacked with code from the infamous CoinHive platform.

In theory, CoinHive is used to allow websites to mine Monero from their visitors’ CPUs to generate passive income as an alternative to advertising.

However, some hackers have used this as a means to hijack web servers and transform them into mining mills that send cryptocurrency directly to their own wallets.

Although it is usually easy to spot a CoinHive script on a website, such wasn’t the case with the LA Times.

The hacker obfuscated the code to make it look like a bunch of gibberish inside the page source.

Whoever it was managed to infiltrate the newspaper’s Amazon S3 bucket because it had been accidentally configured so that anyone who gains access can write to it.

The person behind the attack was even kind enough to leave a note:

“Hello. This is a friendly warning that your Amazon AWS S3 bucket settings are wrong. Anyone can write to this bucket. Please fix this before a bad guy finds it.”

Although CoinHive is often associated with malicious activities such as cryptojacking, it is sometimes used as a legitimate alternative to ads.

Salon, for example, recently implemented the script to offer a choice to readers who use Adblock on its site.

Instead of simply begging them to turn it off as most sites do, the publication gives them the choice to mine Monero for it while reading it for free.

After clicking on the cryptocurrency mining option, readers get a notification asking them if they allow Salon to use their computer resources to perform calculations.