Severely underreported by major media outlets was the February report published by badpackets.net, revealing widespread cryptojacking via the use of the malicious Coinhive cryptocurrency mining code on hundreds of well trafficked websites hosted by the e-commerce and cloud computing giant Amazon.
The outbreak, which may have potentially already affected millions, has been traced to both government and private sector websites both in the U.S. and internationally.
Among the infected are sites for the College of Biblical Studies, the National Institute of Steel Detailing, the South Asia Forum for Infrastructure Design, and the San Diego Zoo.
A zoo. Yes, this is a new low.
Cryptojacking, which used to be exclusively executed when the victim unknowingly installed a program designed to mine cryptocurrency, has evolved with the recent outbreak of "in-browser cryptojacking" attacking individuals who never downloaded an infected application.
This recent cryptojacking outbreak affecting Amazon sites is thought to have originated via a vulnerability in an outdated version of the open source website building application Drupal.
Through the use of Amazon’s AWS (Amazon Web Services) platforms, cryptojacking attackers are able to leverage unsecured servers with public write permissions enabled to compromise hosted websites. The fact that most open source software is generally not always peer-reviewed or validated creates an easy opportunity for hackers to embed a malicious program into the software while both site operators and visitors are none the wiser.
Previous outbreaks of cryptojacking threats were executed using malicious JavaScript code that was running on the infected website. Since some version of the popular popularized JavaScript code runs on just about every website you visit, users can potentially be victimized every time they load an infected or compromised site.
In some cases, the user visits an infected site, the JavaScript code initiates, and a cryptojacking threat begins utilizing the infected computer’s resources to unleash the mining power of the affected system.
Unlike the traditional hallmarks of typical malware and ransomware threats that display ransom notifications upon infection, cryptojacking is not immediately noticed by victims.
The actual damages associated with this type of crime are charged to the victim via their utility company for electric usage spikes associated with cryptomining. This means that the millions of visitors of the websites affected can potentially have billions of dollars in losses.
According to a report from Digiconomist, it requires roughly 215 kilowatt-hours (KWh) to process just one Bitcoin transaction. Based on statistical averages cited in the report, American households generally consume 901 KWh per month.
Based on that number, a single Bitcoin transaction requires almost exactly the amount of energy needed to power an American home for a week. With an unknown amount of unsecured services within Amazon’s AWS, cryptojackers may continually sneak their mining code onto vulnerable sites and inject the malicious code to computers loading the attacked site.
Being that Amazon’s AWS is such a widely used platform that many high-profile sites utilize for their hosting needs, the playground for Coinhive cryptojacking looks to remain open for business, at least for now.
The damages associated with the new wave of cybercrime are still being assessed in real time. How this may affect the perception of the emerging cryptocurrency market also remains to be seen. The nature of this insidious new wave of infection requires increased vigilance by both site operators and end users.
Julio Rivera is a small business consultant, political activist, writer and Editorial Director for Reactionary Times. He has been a regular contributor to Newsmax TV and columnist for Newsmax.com since 2016. His writing, which is concentrated on politics, cybersecurity and sports, has also been published by websites including The Hill, The Washington Times, LifeZette, The Washington Examiner, American Thinker, The Toronto Sun and PJ Media and many others. For more of his reports, Go Here Now.
© 2025 Newsmax. All rights reserved.