Published: Mon, February 12, 2018
Sci-tech | By Carrie Guzman

Government websites hit by cryptocurrency mining malware

Government websites hit by cryptocurrency mining malware

More than 4000 websites, including many belonging to governments around the world, were hijacked this weekend by hackers who managed to plant CoinHive code created to exploit the computer power of visiting PCs and mine for cryptocurrency.

The computers of internet users visiting a number of government agencies and bodies were yesterday forced to run software that mines, or creates, a cryptocurrency similar to Bitcoin. The web screen reader which helps people with visual impairments is embedded in more than 4,000 websites, many of them belonging to governments. A spokesman for the... Thousands of sites, including the UK's National Health Service, and the UK's own data protection watchdog, were affected.

"When you load software like this from a third party, that third party can change it and make it do whatever they want", he said.

Hackers inserted a script called Coinhive, the makers of Browsealoud, Texthelp, has confirmed.

Koreans outraged after NBC analyst's Japan gaffe
Japan's occupation of Korea remains a contested subject in the relationship between the two nations. The committee said it lodged an complaint immediately after becoming aware of the remarks.

Security researcher Scott Helme discovered the hack when a pal mentioned getting antivirus alerts on a UK Government website. He said he learned about the compromised JavaScript file on Sunday morning. Hackers are able to generate profit through crypto-jacking. Texthelp took the Browsealoud plugin offline on Monday morning. The Queensland legislation website had taken further steps to get rid of the malicious script. A single company being hacked has meant thousands of sites impacted across the UK, Ireland and the United States. It has the ability to utilise computer power to mine Monero when the browser window was loaded.

"Texthelp has in place continuous automated security tests for Browsealoud, and these detected the modified file and as a result the product was taken offline", Texthelp chief technology officer Martin McKay said in a statement.

BuzzFeed News has sought comment from the Queensland government, and the Australian Cyber Security Centre.

A spokesperson for the NCSC said: "Technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency".

Like this: