Over 5,000 government websites from around the world have fallen victim to malware that forces visitors’ computers to mine cryptocurrency while they are browsing an infected website. Among the websites infected by the malware were the Student Loans Company, Australian legislatures, the US court info system and many English council websites.
The mining went on for several hours on the 11th of February. It seems hackers inserted the cryptojacking script into the websites’ code via BrowseAloud, a plugin that allows the blind to use the internet. The mining stopped when Texthelp turned off the plugin in an effort to help with the investigation.
The discovery was made after an IT security consultant named Scott Helme was contacted by a friend whose antivirus software flagged problems after he had visited some government websites. Scott was rather alarmed by the scale of the hack. He told Sky News, “This type of attack isn’t new – but this is the biggest I’ve seen. A single company being hacked has meant thousands of sites impacted across the UK, Ireland and the United States.”
Major precautions were taken following the malware’s discovery. A National Cyber Security spokesperson spoke out about the issue: “NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency. The affected service has been taken offline, largely mitigating the issue. Government websites will continue to operate securely. At this stage there is nothing to suggest that members of the public are at risk.”
Nobody has tracked down the hackers yet, but it is pretty clear that these are criminals who aim to make a lot of money fast. We can only expect similar attacks in the future. Although antivirus tools have no problem detecting these hacks, that alone will not stop the problem. What will is subresource integrity, but sadly it seems most websites, government and otherwise, are in no rush to implement it.
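How subresource integrity treats a third-party script that has been changed on the vendor's server, as an added example that is not part of the original article. It models the browser's check in Node.js; the script body, URL and function names are constructed for illustration.

```javascript
// Added example: Subresource Integrity (SRI) check, modelled in Node.js.
const { createHash } = require('node:crypto');

// Hash algorithms SRI allows, weakest to strongest.
const ALGS = ['sha256', 'sha384', 'sha512'];

// Build one integrity token: "<alg>-<base64 digest of the script body>".
function sriHash(body, alg = 'sha384') {
  return `${alg}-${createHash(alg).update(body, 'utf8').digest('base64')}`;
}

// The tag a site owner would publish for a reviewed copy of the script.
function scriptTag(url, body) {
  return `<script src="${url}" integrity="${sriHash(body)}" crossorigin="anonymous"></script>`;
}

// Mirror the browser's decision: keep only the strongest algorithm listed,
// then accept the response if any digest for that algorithm matches.
function verifySri(integrity, body) {
  const tokens = integrity.trim().split(/\s+/)
    .map((t) => t.split('?')[0]) // drop optional "?options"
    .map((t) => { const i = t.indexOf('-'); return [t.slice(0, i), t.slice(i + 1)]; })
    .filter(([alg]) => ALGS.includes(alg));
  if (tokens.length === 0) return true; // no usable metadata: nothing is enforced
  const strongest = ALGS[Math.max(...tokens.map(([alg]) => ALGS.indexOf(alg)))];
  return tokens.some(([alg, digest]) =>
    alg === strongest && digest === sriHash(body, alg).slice(alg.length + 1));
}

// Constructed sample data (not the real plugin code or URL).
const reviewed = 'window.readAloud = function () { /* accessibility code */ };\n';
const tampered = reviewed + '/* extra code appended on the vendor server */\n';
const tag = scriptTag('https://cdn.example.com/plugin.js', reviewed);
const integrity = tag.match(/integrity="([^"]+)"/)[1];

console.log(tag);
console.log('reviewed copy loads:', verifySri(integrity, reviewed));
console.log('tampered copy loads:', verifySri(integrity, tampered));
```

An `integrity` value with no recognised algorithm is treated as absent, so a mistyped attribute enforces nothing, and the pinned hash must be regenerated whenever the vendor ships a legitimate update.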