HomeNewsPopular Ghost blogging platform experiences hack attack
News

Popular Ghost blogging platform experiences hack attack

Noredia Imuwahen
By Noredia Imuwahen
0
658
If you purchase via links on our reader-supported site, we may receive affiliate commissions.
ghost blogging hack saltstack
cyberghost vpn ad

Ghost blogging platform has been hacked by unknown hackers.

They infected Saltstack's servers to mine cryptocurrency, their virus attack affected Ghost’s billing services (Ghost.org) and Ghost Pro sites, as updated on the company’s status page.

Ghost, one of the popular blogging platforms announced that their servers suffered a security breach by yet to be identified hackers aiming to mine cryptocurrency from the platform’s server.  The intrusion to the blogging platform’s backend system was detected by her team of developers in the early hours of May 3 according to the company’s status page.

The breach on the Ghost blogging platform has created a negative impact on the company’s image having been regarded as one of WordPress’s leading competitors housing brand names like Mozilla, Code Academy, Tinder, Bitpay, etc. The method used was via the vulnerability method used by hackers earlier before to breach LineageOS servers.

How The Ghost Servers Was Breached

These hackers have been preying on the recently patched bugs to gain access to Salt servers to plant their cryptocurrency miners. Ghost blogging platform which is based on Node.js is known to run and marketed as not as complicated as WordPress. Ghost’s team of developers stated that the hackers utilized CVE-2020-11651 and CVE-2020-11652 vulnerabilities to gain control over Salt's clasp server.

Having broken into the blog’s servers, their access was limited to Ghost’s billing service venders and Ghost pro sites replacing them with cryptocurrency miner with user’s data and financial details untouched. Ghost developers further stated that the planted cryptocurrency miner tried to spike the CPUs to overload the platform’s security techniques but was instantly alerted of the breach.

The company behind the Salt software known as Saltstack, published patches thereafter to override the vulnerabilities. Users are advised to secure their servers behind a firewall or patch their Salt servers. Ghost was able to restore order to its platform by taking down its servers, eliminating the breach just like counterpart LineageOS.

RELATED POSTS

What is Zero Day Exploit? Risks and Why is it called Zero Day?

Android SLocker Capitalizes on Coronavirus Pandemic to Hijack Android

How to Secure Your WordPress Website from Hackers

5+ Golden Cybersecurity Tips for Students

Noredia Imuwahen
Noredia Imuwahen
Business Administrator, Writer, Social media manager, and a content management enthusiast.

Advertisement

Delete Me
Incogni Black Friday Ad
Heimdal Security ad

Subscribe to SecureBlitz Newsletter

* indicates required
Previous article
Android SLocker Capitalizes on Coronavirus Pandemic to Hijack Android
Next article
Dos And Don’ts Of Using A Public Wi-Fi [Ultimate Guide]
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

IMPORTANT LINKS

NAVIGATE

CONNECT

ABOUT US

SecureBlitz is an online media publication that covers tips, how-to advice, tutorials, the latest cybersecurity news, security solutions, etc. for cybersecurity enthusiasts.

Contact us: secureblitz @ gmail . com

FOLLOW US