According to sources, Hello Kitty malware is targeting websites based on Drupal network in order to mine cryptocurrency. The servers under control of the updated kitty malware are been attacking and creating back-ends to infect other servers.
According to a recent research by Imperva Incapsula, an online security company, Kitty malware is attacking Drupal’s Content Management System [CMS]. Imperva Incapsula is a platform that is based on ‘cloud-application delivery’ services. Web-protection services and security integration services are provided by the company.
Further, it is indicated that the cause for the easy manipulation and attacks is the new version, Drupalgeddon 2.0. It’s been a month since the update and the vulnerability was stated ‘highly critical’. The vulnerability has led to loopholes wherein attackers use vectors to compromise the Drupal websites.
Drupal is an open-source content management framework which is freely available for websites. About 2.3% of all websites are known to be using back-end framework provided by Drupal.
The websites are generally abused for cryptojacking. Cryptojacking is hacking through software to take control of a computer’s resources to use it for cryptocurrency mining.
Kitty malware is so much caught up in the news because of its ability to infect internal network, server or even a website. According to certain sources, Kitty malware uses the Monero cryptocurrency. Technically the action is then followed by creating a bash script (computer programming language) called kdrupal.php which is written in an infected disc of a server. This process is periodically repeated every minute to get a firm control of the server.
Leon, a computer engineer says:
“This is like a biological virus attack. You don’t know until it’s too late, only when the virus has taken over the cell’s control is when the White blood cells are released. This is a serious concern, I suggest Drupal framework- websites to perform thorough security checks for any malware on their back-end”
Tracey, a crypto-enthusiast says:
“I really like the way the attackers use kitty to conceal their intentions, I mean ‘please don’t delete me I’ma harmless kitty” who would”