Published: Mon, February 12, 2018
Business | By Max Garcia

Nefarious Bitcoin miners have hijacked government websites worldwide

Some of the other sites Helme listed were ICO, the UK's independent authority set up to uphold information rights in the public interest, the Student Loan Company in the United Kingdom, the General Medical Council in the United Kingdom, the NHS, and the U.S. courts website.

The hack comes less than a year after the "WannaCry" cyber attack that disrupted computers belonging to more than a third of NHS trusts.

"This is not a particularly new attack and we've known for a long time that CDNs or other hosted assets are a prime target to compromise a single target and then infect potentially many thousands of websites".

Down Under, the cryptojacking affected "the Victorian parliament, the Queensland Civil and Administrative Tribunal, the Queensland ombudsman, the Queensland Community Legal Centre homepage, and the Queensland legislation website, which lists all of the state's acts and bills", reports The Guardian. The sites of the UK's own data protection watchdog and the UK's National Health Service were supposedly hit along with other websites.

It seems that the Information Commissioner's site, along with others run by the government, was infected by crypto-mining code injected into some accessibility software they all use.

Scott Helme, the security researcher who first spotted the hack, said of the attack: 'It means unsuspecting visitors to those websites have their devices - whether it be a phone, tablet or computer - also hacked.'

According to the Register, all of the afflicted websites ran British tech company Texthelp's Browsealoud plugin, which reads out websites for people with visual impairments like full or partial blindness or conditions like dyslexia. Coinhive hijacks the processing power of a user's computer to mine Monero.

"But there were ways the government sites could have protected themselves from this".

The Browsealoud service has been temporarily taken offline and the security breach has already been addressed.

In December The Guardian reported that almost 1 billion visitors to the video sites Openload, Streamango, Rapidvideo and OnlineVideoConverter were also being crypto-jacked. Government websites continue to operate securely.

"The company has examined the affected file thoroughly and can confirm that it did not redirect any data, it simply used the computers' CPUs to attempt to generate cryptocurrency", it said.

The Queensland Government legislation website appears to be among the Australian sites affected.
