UK, US government websites hacked to mine cryptocurrency

Feb 15, 2018, 01:17
UK, US government websites hacked to mine cryptocurrency

The Information Commissioner's Office website is still offline. Coinhive hijacks the processing power of a user's computer to mine Monero.

The code is now disabled and websites are no longer affected but the hackers had affected over 5,000 websites.

Rather than focusing on cryptocurrency, the earlier incident saw many NHS trusts targeted, with software shutting down individual terminals and demanding a specific sum of money to restore access.

In December The Guardian reported that almost 1 billion visitors to the video sites Openload, Streamango, Rapidvideo and OnlineVideoConverter were also being crypto-jacked.

Scott Helme, a UK-based security researcher, has uncovered that a cryptocurrency mining script was injected in Text Help's accessibility services plugin called BrowseAloud.

"There's a technology called SRI (Sub-Resource Integrity) created to fix exactly this problem, and unfortunately it seems that none of the affected sites were using it".

"In the case of scripts like Coinhive, it means being able to inventory all the third party code running on your web assets, and being able to detect instances of threat actors leveraging your brand on their illegitimate sites around the internet". Sometime last weekend, a third-party made modifications to BrowseAloud by adding the Coinhive mining software.

It seems that we won't be escaping the cryptocurrency headlines anytime soon, as this week the United Kingdom government suffered from a major security breach.

Helme said he initially verified that about 20 Browsealoud clients carried the code, but he provided a list of 4,275 sites around the world that carried the Browsealoud script, and as such were likely to have been infected.

"If you want to load a crypto miner on 1,000 websites you don't attack 1,000 websites, you attack the one website that they all load content from".

Hackers trying to mine the digital currency Monero exploited thousands of websites, including those for educational institutions in the US and elsewhere. Closing the window stops the code from running.

Some Australian government websites appear to have been used by hackers in crypto-jacking, in which computers are secretly forced to mine cryptocurrency. It was originally developed as a way for website operators to decrease their reliance on advertising, but has since been widely abused by hackers.

Martin McKay, Chief Technology Officer and Data Security Officer for TextHelp added, "A security review will be conducted by an independent security consultancy".

The National Cyber Security Centre said that they were investigating the incident.

YOU MIGHT ALSO LIKE
  • Facebook gets personal with new lists update

    Facebook gets personal with new lists update

    Facebook has introduced a new feature that will allow users to make a list of various things and add it to their story. A recent eMarketer report indicates that Facebook lost approximately 2.8 million US users aged under 25 years in 2017.
    Methods to watch Elon Musk's Tesla Roadster disappear into deep house

    Methods to watch Elon Musk's Tesla Roadster disappear into deep house

    SpaceX's other drone ships are named after ships in books written by the same author. SpaceX is confident it can keep recovering boosters from Falcon Heavy launches.
    The Government Of Bashar-al-Assad Levels Massacre Accusations Against Washington

    The Government Of Bashar-al-Assad Levels Massacre Accusations Against Washington

    The strikes inflicted what could be the largest number casualties that the coalition has exacted against the pro-regime forces. This latest attack raises questions about whether US troops might exchange fire with Russian forces, which back Assad.
  • BMW reveals new X4 SUV

    BMW reveals new X4 SUV

    The BMW ConnectedDrive will offer Real-Time Traffic Information, On-Street Parking Information and the Concierge Services. The answer to the question nobody asked is back again, with BMW set to launch the second generation of its X4 crossover.
    Firmino looking to help fill Coutinho void for Liverpool

    Firmino looking to help fill Coutinho void for Liverpool

    In fact, it wouldn't surprise me if a few English teams end up competing at the back end of the Champions League this season. With Aboubakar likely out, Moussa Marega is likely to take precedence up front, but the forward is also a deadly threat.
    Leader Nordcorea Kim invita presidente Sudcorea Moon a Pyongyang

    Leader Nordcorea Kim invita presidente Sudcorea Moon a Pyongyang

    In precedenza era stato riferito che Moon Jae-in si sarebbe incontrato con Kim Yong-nam alla cerimonia di apertura delle Olimpiadi di Pyeongchang .
  • Golfer Bill Haas, Luke Wilson involved in deadly rollover crash

    Golfer Bill Haas, Luke Wilson involved in deadly rollover crash

    Police said Luke Wilson was in an SUV that was also sideswiped by the Ferrari, but Wilson was not injured. The Riviera Country Club hosting the Open is just a few minutes' drive from Pacific Palisades.
    Pochettino has advised Alderweireld he should get fitter

    Pochettino has advised Alderweireld he should get fitter

    The fans and the players have to work with each other as we did in those games and from then forward we've been really strong. He added: "I think last season he played so well, and then at the end of the season he suffered a problem in his ankle".
    Liverpool beat Saints as Firmino and Salah hit target

    Liverpool beat Saints as Firmino and Salah hit target

    The Reds face FC Porto in the Champions League next week and they will need their record signing if they want to progress. Southampton: McCarthy, Cédric, Stephens, Hoedt, Carrillo, Tadić, Romeu, Ward-Prowse, Lemina, Bertrand (c), Højbjerg.
  • Chicago Police Commander Shot, Killed in Thompson Center

    Chicago Police Commander Shot, Killed in Thompson Center

    A different officer came on the air and said they found the suspect and had him in handcuffs. "Keep the family in your prayers". He had been with the specialized mounted patrol unit and was now the commander of the high profile Near North District.
    Nigerian Inflation drops to 15.13 % in January

    Nigerian Inflation drops to 15.13 % in January

    It means prices are still rising faster than wages, according to the latest data, and have been for a full 12 months. Petrol prices rose by 1.1p per litre on the month to 121p per litre, while diesel rose 1p to 124.5p per litre.
    Egyptian army 'kills 16 militants' in Sinai operation

    Egyptian army 'kills 16 militants' in Sinai operation

    The Sinai borders Israel and the Gaza Strip and has always been a bastion for Islamic insurgent groups tied to al-Qaida. The statement says they discovered a communication center and six drug farms.
popular