UK and Australia: Recently, websites are infested with cryptocurrency mining malware and can secretly open browsers in the computer background without the knowledge of users and mine cryptocurrencies even after closing all visible browser windows. A number of government websites in the UK and Australia have also been caught in this act this week.
Report has proven that this new trick called “cryptojacking” has already infested thousands of websites over the weekend. Anyone who visits the infested websites would have their computer hardware hijacked in order to mine cryptocurrencies for the hackers.
The report revealed that websites of the Student Loans Company, the NHS services, and several English councils, were all infected by the cryptocurrency mining malware. There was also report over the weekend that the website of the Information Commissioner’s Office, the UK’s data protection watchdog, was taken offline so as to deal with this malicious malware.
The body claimed the cryptocurrency mining malware came in through a plugin called “BrowseAloud” which was supposed to help partially-sighted people read content on the web. The creator of the malicious plugin “Texthelp” took their own website down while trying to resolve the problem. At least 5,000 websites have been affected by a variant of the Coinhive mining script, which allows the leeching of resources from the hardware of their readers.
An IT security consultant, Scott Helme, raised the alarm after his friend received an alert from his anti-virus software after visiting a government website. He said:
“This type of attack isn’t new – but this is the biggest I’ve seen. A single company being hacked has meant thousands of sites impacted across the UK, Ireland and the United States.”
It seems the cryptocurrency mining malware has also infested websites in Australia, which include the Queensland Community Legal Centre, the Queensland ombudsman, the Queensland Civil and Administrative Tribunal, the Victoria Parliament’s site, and the Queensland legislation website, which lists all of the state’s acts and bills.
However, the same plugin “BrowseAloud” was found to be the cause of the intrusion. Helme, who detailed the attack, stated that:
“There were ways the government sites could have protected themselves from this. It may have been difficult for a small website, but I would have thought on a government website we should have expected these defense mechanisms to be in place.”
According to Texthelp:
“The company has examined the affected file thoroughly and can confirm that it did not redirect any data, it simply used the computers’ CPUs to attempt to generate cryptocurrency, the exploit was active for a period of four hours on Sunday. The BrowseAloud service has been temporarily taken offline and the security breach has already been addressed.”
Is your antivirus software ready to combat the cryptocurrency mining malware? Share your experiences in the comments below.
Join Our Telegram Channel