Cryptocurrency Miner Discovered on D-Link’s Official Website

Security researchers from Seekurity have discovered a JavaScript-based cryptocurrency miner on the official D-Link website (dlinkmea[.]com). This miner was designed to mine Monero cryptocurrency directly through visitors’ web browsers.

The issue came to light after a Facebook user, Ahmed Samir, reported a sudden spike in CPU usage while visiting the D-Link site. Upon investigation, researchers found that each time a page was loaded, a separate domain with a hidden iframe element was triggered. This iframe contained a script that enabled cryptocurrency mining in the user’s browser without their knowledge.

After being notified by the researchers, D-Link responded by taking the entire website offline and redirecting users to the American version of the site (us.dlink.com). According to the researchers, the decision to shut down the whole site instead of simply removing the single line of code with the hidden iframe may indicate that the D-Link portal was the target of a cyberattack.