Hackers hijack government websites to mine crypto-cash

/in






The Information Commissioner’s Office (ICO) took down its website after a warning that hackers were taking control of visitors’ computers to mine cryptocurrency.
Security researcher Scott Helme said more than 4,000 websites, including many government ones, were affected.
He said the affected code had now been disabled and visitors were no longer at risk.
The ICO said: “We are aware of the issue and are working to resolve it.”
Mr Helme said he was alerted by a friend who had received a malware warning when he visited the ICO website.
He traced the problem to a website plug-in called Browsealoud, used to help blind and partially sighted people access the web.
Texthelp, the company which makes the plug-in, confirmed that the product was affected for four hours by malicious code designed to generate cryptocurrency.
The cryptocurrency involved was Monero – a rival to Bitcoin that is designed to make transactions in it “untraceable” back to the senders and recipients involved.
The plug-in had been tampered with to add a program, Coinhive, which “mines” for Monero by running processor-intensive calculations on visitors’ computers.
Once the plug-in was infected, it affected thousands of other websites in addition to the ICO’s, which used it.
By Rory Cellan-Jones, BBC technology correspondent
The surge in value of Bitcoin and other cryptocurrencies hasn’t escaped the attention of hackers looking to make a quick buck.
Mining, the process where new digital coins are created by solving complex mathematical problems, uses increasing amounts of computer processing power and that means big electricity bills.
All the better then if you can get other people’s computers to do the job. The hackers do this by inserting software into websites which then means that, unbeknown to them, visitors’ computers are put to work mining cryptocurrencies.
It seems that the Information Commissioner’s site along with others run by the government were infected by crypto-mining code injected into some accessibility software they all use.
This kind of attack is becoming increasingly common and while it appears not to cause data loss or damage to systems, it does…

Source…