jQuery's spider web log website (blog.jquery.com) runs on WordPress—the world's most pop content administration scheme (CMS) used past times millions of websites.
While at that spot is no show even together with hence if the server (code.jquery.com) that host jQuery file was also compromised, The Hacker News took a screenshot (as shown above) together with tin give notice confirm that the hackers exactly published a uncomplicated spider web log postal service to deface the website.
The defaced spider web log postal service URL — https://warthunderhacking.blogspot.com//search?q=26/hacked/ (now removed).
Since the above-mentioned spider web log postal service was published nether the call of Leah Silber, a amount fellow member of jQuery team, it seems hackers were able to brand their postal service alive past times compromising Silber's account—probably past times reusing her password leaked inwards a previous information breach.
If not, the hackers powerfulness convey gained unauthorized access to the website either past times exploiting a (known or zero-day) vulnerability inwards Wordpress script or the server.
jQuery squad has at nowadays removed the postal service created past times the hackers every bit before long every bit they realized at that spot was a compromise, but together with hence far the organisation has non released whatever official disceptation close the incident.
This is non the start fourth dimension when jQuery's website has been compromised. In 2014, the principal domain (jQuery.com) was reportedly compromised, redirecting the site's visitors to a page hosting an exploit kit.
Since millions of websites straight purpose jQuery script hosted past times jQuery server, today's assault could live on worse if the hackers would convey been able to compromised code.jquery.com inwards an endeavor to supervene upon the official jQuery file alongside the malicious one, putting billions of visitors of millions of websites at lead chances of malware attacks.
H5N1 like incident took house yesterday, when a hacker managed to supervene upon official JavaScript file hosted past times Coinhive—a pop browser-based cryptocurrency miner—with a modified version that eventually tricked CPUs of millions of visitors of thousands of websites to mine cryptocurrencies for the hacker unknowingly.
Interestingly, Coinhive was also hacked via password reuse attack, allowing the assaulter to gain its CloudFlare trouble concern human relationship together with alter DNS settings unauthorizedly.
We'll update y'all alongside to a greater extent than information on the incident. Stay tuned!
