Hackers and other crytocurrency thieves comb the web, searching for vulnerable pages into which they can insert their crypto-mining program scripts, which load and operate under the radar in the background of a computer’s hardware. These malicious scripts, while mining cryptocurrency for a third party, can actually deplete a computer’s processing resources, while the miners get all of the money…bad news all around.
Late last month, MakerBot, which operates the largest 3D printing file library and community in the world – Thingiverse – discovered that malicious crypto-mining code had been inserted into the comments of about 100 3D printable Things, due to a vulnerability in the comments section itself.
The site’s comments section is most often used for embedding helpful content, but in this case, the crypto-mining scripts were inserted instead. Fortunately for everyone involved, the malicious scripts never had access to Thingiverse users’ private data, and the site’s development team, together with the community, acted fast to stop the mining in its tracks.
The offenders were warned, or in some cases banned altogether, and Thingiverse recently deployed a fix, which will prevent similar malicious iframe embeds for the purposes of crypto-mining. However, you will still be able to embed friendly documents and videos in the site’s comments section.
Site users do not need to worry about any unsavory hackers or miners hijacking their uploaded Things, and it’s also not necessary for any extraordinary steps to be taken when accessing the site to protect the computer from attack. However, MakerBot does recommend that any users who are worried about cybersecurity should investigate browser add-ons and apps that can work to block malicious crypto-mining scripts from loading and causing havoc.
MakerBot says, even in light of this recent crypto-mining, it will keep operating the Thingiverse site “in the spirit of openness, community, and sharing.”
This is perhaps the most important takeaway from the incident – makers stick together through thick and thin. When Thingiverse was hit with a major challenge, MakerBot, and the rest of community, stepped up quickly to help protect each other, and their 3D designs.
What do you think of this news? Discuss this and other 3D printing topics at 3DPrintBoard.com or share your thoughts below.[Source: MakerBot]
Subscribe to Our Email Newsletter
Stay up-to-date on all the latest news from the 3D printing industry and receive information and offers from third party vendors.
You May Also Like
XJet Builds Momentum Moving Into 2023 – AMS Speaker Spotlight
Moving into 2023, XJet continues to build momentum in the additive manufacturing (AM) industry, delivering state-of-the-art 3D printing solutions for metal and ceramic AM. NPJ Technology Underlying XJet’s cutting-edge line...
How New Multi-material 3D Printing Can Transform the Dental Industry and Beyond – AMS Speaker Spotlight
Until now, additive manufacturing techniques have mainly been used to produce existing products in smaller quantities or in personalized forms. Occasionally, an additive manufacturing process can generate additional benefits, such...
3D Printing News Unpeeled: Impossible Objects, Soft Tissue Bitmaps and Aerorise
Weber University’s Miller Advanced Research and Solutions Center (MARS Center) has bought an Impossible Objects Composite-Based Additive Manufacturing system the CBAM-2. It is now reportedly using the system to make upgrades to...
3D Printing News Briefs, January 28, 2023: Bronze-Steel Alloys, 3D Printing on Textiles, & More
We’re starting with research in today’s 3D Printing News Briefs, as a research team based out of China developed a new approach for 3D printing hydrogel-based electronics. Also, researchers in...