US and UK government computers hijacked by cryptocurrency-mining malware

Over this past weekend, US and UK government websites and reportedly, thousands of others worldwide, have been exploited by a malware that hijacks visitors’ computers to mine cryptocurrency.

The hacked websites included the UK Information Commissioner’s Office (ico.org.uk), UK Student Loans Company, Barnsley Hospital, and the website for the American court system (uscourts.gov).

The malware has been first detected by Scott Helme, an Information Security Consultant from the UK. In an online post, Helme said the malware had now been disabled.

The malware, called Coinhive, leveraged the victims’ devices to generate the cryptocurrency Monero by performing mining calculations.

The Monero startup subsequently closed its website, and was in maintenance mode. The site seems to be operational at the time of writing this post.

As an article on TechCrunch explains, “In order to get the crypto-mining software onto unsuspecting computers, the hack targeted an accessibility plugin called Browsealoud that makes the web easier to use for people with dyslexia or low English comprehension. After compromising Browsealoud, the hackers altered the plugin’s code, injecting malicious JavaScript in order to secretly run the mining software known as Coinhive on unsuspecting machines.”

The maker of the plug-in, Texthelp, confirmed that its product was breached for four hours by the mining malware.

Recently, there has been a noticeable uptick in cyberattacks focused on cryptocurrency-mining malware that without authorization takes advantage of available CPU resources to make money.

Just last month, cybersecurity firm CrowdStrike highlighted the rise of malicious cryptocurrency mining, a relatively new type of crypto attacks. The startup wrote that it “expects to see much more” of this activity in 2018.

According to a November 2017 report, Coinhive has become the sixth most common form of malware. It has previously been discovered in Google ads, the Ultimate Fighting Championship website, and TV network Showtime, among many others.

Image credit: Scott Helme. White text is the original code and purple text is the code injected by the attacker

Related News

Bitcoin Now Accepted at Starbucks, Nordstrom, Whole Foods, Other Major Retailers

One May afternoon Cameron and his brother Tyler Winklevoss, both well-known bitcoin billionaires, decided to quench

Read-more

Did you know you can buy a sub with cryptocurrency?

“Bitcoin can’t be used to buy anything,” they used to say. Well, we know it’s not true.
An interesting fact: One of the first business establishments in the United States

Read-more

New Investment Pattern Being Developed by Trident ICO

The cryptocurrency market has so far been dominated by Bitcoin. In fact, many analysts and investors called 2017 the year of the Bitcoin. While Bitcoin is still the world’s

Read-more

Short Intro to Cryptocurrencies

While the introduction of cryptocurrencies occurred nearly 9-year ago in 2009, the concept only became mainstream in the investment community in 2017. The surge in Bitcoin

Read-more