A security expert claims the Los Angeles Times website is mining the cryptocurrency Monero.

British cybersecurity expert Kevin Beaumont posted this to Twitter:

The Register raised the alert just two days after Beaumont warned that leaving files world writable and in an easily accessible place would make companies a target:

He claims the problem lies in Amazon’s AWS servers. Misconfigured S3 buckets – the places where businesses upload their data – have been found leaking data. Security firm UpGuard has had a merry time lately outing all the companies that have leaky S3 buckets.

Here’s where the Coinhive malware was hiding in the LA Times’ script:

Coinhive is legitimate software. If you own a website, you can embed it as an alternative to running ads for income.

It’s the same software plugin that Salon used to try out a new funding model.

If you want to block ads on Salon’s website, you have you to agree to let the site use your unused computing power to mine Monero.

But if you leave your defences down — say, in the form of a leaky AWS bucket — hackers can insert the code in your website and have the coins mined to their account.

Some of the bigger victims in the past couple of months include Politifact and Showtime.

At least one of the LA Times hackers was kind enough to leave a warning:

Want to read a more in-depth view on the trends influencing Australian business and the global economy? BI / Research is designed to help executives and industry leaders understand the major challenges and opportunities for industry, technology, strategy and the economy in the future. Sign up for free at research.businessinsider.com.au.