Plus   Neg

'Cryptojacking' Malware Hits Government Websites Globally


Thousands of government websites across the world were infected by a malware over the weekend that forced visitors' computers to mine cryptocurrency while using the sites, a process known as "cryptojacking."

The malware introduced a cryptomining script called CoinHive on pages of over 4,000 websites. The malware used an assistive software plug-in known as Browsealoud, which is a screen reading & translation tool for those with reading difficulties.

The infected websites included the US Courts, UK Information Commissioner's Office, or ICO, the Student Loan Company, and the NHS, among others.

Some Australian government websites were also infected.

The ICO took its site offline to prevent further infection.

UK's National Cyber Security Centre said the incident is being investigated by its technical experts.

"The affected service has been taken offline, largely mitigating the issue. Government websites continue to operate securely," a NCSC spokesperson said on the agency's website.

"At this stage there is nothing to suggest that members of the public are at risk."

The Browsealoud plug-in is made by the British company Texthelp. The CoinHive crypto mining script will mine a cryptocurrency called Monero that is focused on transaction privacy.

"This is not a particularly new attack and we've known for a long time that CDNs (content delivery networks) or other hosted assets are a prime target to compromise a single target and then infect potentially many thousands of websites," security researcher Scott Helme said.

Texthelp's website was also compromised.

"At 11:14 am GMT on Sunday 11th February 2018, a JavaScript file which is part of the Texthelp Browsealoud product was compromised during a cyber attack," the company announced on its website.

Texthelp removed the Browsealound plug-in from the different websites and confirmed that the attack lasted for a period of four hours on Sunday.

Browsealoud will remain offline until Tuesday 12:00 GMT, the company said. No customer data has been accessed or lost and no other products have been affected, Texthelp added.

For comments and feedback contact: editorial@rttnews.com

Forex News

Follow RTT