ghost

Hackers successfully breached the servers of a popular blogging platform and used them to mine cryptocurrency.

Ghost, a Singapore-based blogging platform with 2,000,000 installations and 750,000 active users, announced that hackers had breached their systems. 

“The mining attempt… quickly overloaded most of our systems which alerted us to the issue immediately,” the company announced May 3, adding that “[t]here is no direct evidence that private customer data, passwords or other information has been compromised. 

The hackers compromised Ghost’s servers by exploiting two major vulnerabilities in SaltStack, a network automation tool typically used by IT support and system administrators. Ghost is just one of several companies and organizations that have been compromised since the vulnerabilities were disclosed, including LineageOS, an Android-based operating system, and Digicert, a security certificate authority. 

As of May 4, Ghost announced that it had successfully purged the cryptocurrency mining malware from its systems. The company also stated that they would be notifying their customers, which include NASA, Mozilla, and DuckDuckGo.