Crypto Mining Website Injection
The hijacked mining computers are being recruited to mine for the group supportxmr.com. If you use the ‘address’ in ‘payment address’, you’ll find a list of websites running this code, actively contributing to the hackers project.
We recommend a Website Firewall and regular scanning for Malware. Sucuri’s service picked up this obfuscated code on a client website, alerting us to the infection.
*** Update: As part of this find, we notified 25 websites about the infection, and many have since removed it. One organization claimed that there was a complaint lodged against them with the BBB after I had sent a notification about a week prior. Businesses ranged from Public Libraries to a Portable Bathroom company.