Make-A-Wish never patched the Drupal vulnerability which has allowed hackers to steal CPU-cycles to allow them to mine Monero cryptocurrency. Researchers have realized the miner has been active since May and is JavaScript-based after taking a quick look at drupalupdates.tk domain. “Embedded in the site was a script using the computing power of visitors to the site to mine cryptocurrency into the cybercriminals’ pockets, making their ‘wish’ to be rich, come true.” A hack campaign of any kind is unfortunate, but one like this targeting a giving charity right before the holidays is one of the more ruthless we’ve seen recently. This effort was especially hard to discover on the grounds that it utilized distinctive systems to evade static alarms. For example, it begins with changing domains that have the miner. At that point, the WebSocket intermediary additionally utilized distinctive sites and IPs to keep them unknown. There has been a patch (CVE-2018-7600) for this vulnerability for a while. In June it was estimated that there were 115,000 sites still vulnerable.