The crypto mining malware epidemic is expanding more and more: almost 50,000 WordPress sites have been infected with crypto-jacking scripts, according to security researcher Troy Mursch from Bad Packets Report.
Relying on source-code search engine PublicWWW to scan the web for pages running crypto-jacking malware, Mursch was able to identify at least 48,953 affected websites.
It is worth pointing out that Mursch was able to find at least 30,000 websites running Coinhive back in November last year.
For the rest, Bad Packets Report indicates the remaining 19 percent are spread between various Coinhive alternatives, like Crypto-Loot, CoinImp, Minr and deepMiner.
His research suggests there are 2,057 sites infected by Crypto-Loot, 4,119 by CoinImp, 692 sites by Minr, and 2,160 by deepMiner.
Back in February, security researchers discovered that a slew of legitimate websites – including government and public service agency portals – were quietly running crypto-jacking scripts.
The researcher has also published a document on PasteBin file detailing the 7,000 affected sites found since January 20 this year. “Some of these sites have already removed the crypto-jacking malware,” the PasteBin page reads. “However, many remain compromised. Browse at your own risk.”