nsucurrent.com April 19, 2018

Cryptomining malware spread via US, UK and Australian government sites

15 February 2018, 01:21 | Shelley Chandler

Image The code in purple is malicioius. Pic Scott Helme

The code in purple is malicioius. Pic Scott Helme

Hackers have reportedly hijacked government websites in order to mine cryptocurrency, according to the Evening Standard.

"We don't know how Texthelp were compromised yet, so it is hard to say whether they were really unlucky or there was some kind of inherent problem with what they were doing".

On Sunday, computer security researcher Scott Helme discovered the latest incident after a friend received a malware alert when visiting the ICO's site.

An accessibility service provided by Texthelp Limited has been breached by attackers unknown in a move which has seen cryptocurrency mining scripts planted on websites across the world - including, embarrassingly, the Information Commissioner's Office (ICO).

Texthelp, the company that makes the plugin, reported that its product was infected for a period of four hours, according to a blog post by security firm Wordfence.

"The affected services has been taken offline, largely mitigating the issue".

Coinhive, which "mines" for Monero by running processor-intensive calculations on visitors' computers, was added to Browesaloud by hackers and consequently affected thousands of websites, like the ICO's.

On investigating further, Helme found that several other government websites from various countries such as uscourts.gov, gmc-uk.gov, nhsinform.scot, manchester.gov.uk, and many more too had started injecting a Coinhive miner.

The researcher traced the code found in the ICO website to a third-party plugin, Browsealoud, which is meant to assist visually impaired visitors to website domains.

Hackers trying to mine the digital currency Monero exploited thousands of websites, including those for educational institutions in the USA and elsewhere.

When mining cryptocurrency, the processing power of a computer is used to validate transactions on the cryptocurrency network.

Some of the sites affected by CoinHive included United States Courts, the General Medical Council, the UK's Student Loans Company, NHS Inform and many others. The malware uses a visitor's own processor to mine for the Monero cryptocurrency.

The National Cyber Security Centre said that the malicious code had now been disabled and members of the public were no longer at risk.

Texthelp, the company that provides Browsealoud, has confirmed that the compromised plugin has been taken offline.

Leading Browsealoud reseller Texthelp said the hack was a criminal act. The company who makes the plug-in, Texthelp, thereafter confirmed the plug-in was hit for four hours by code created to generate cryptocurrency.

Other News

Trending Now

Costs have been filed in crash that killed Colts linebacker
Police in Whitestown, Ind. pulled over Orrego-Savala after he failed to stop at a stop sign, reports the Indianapolis Star . Orrego-Savala had a prior conviction for driving under the influence, and had been deported twice, according to officials.

Senate leaders forge ahead on funding deal as Trump threatens shutdown
The process will be "fair to everyone", with any senator allowed to bring proposals to the floor, he said . That bill also included a full year of funding for defense spending .

Xiaomi Redmi Note 5 Pro Launched At Rs. 13999
The 32 GB and 64 GB Redmi Note 5 are respectively priced at Rs. 9,999 (~$155) and Rs. 11,999 (~$187). The phone will come in two memory configurations, with 4/6GB RAM , and both will sport 64GB storage.

Tottenham confirm £25 million Lucas Moura signing
Moura was introduced to the Tottenham fans at half time during the 2-0 win over Manchester United . Instead he moved to PSG and became, at the time, the club's most expensive signing.

England skipper Morgan in doubt for T20s
Buttler played a key role in England posting 137 for 7 in the allotted 20 overs where the stand-in captain scored 46 off 49. I was hoping to be better than a run-a-ball with five overs to go and then really kick on, but it never happened.

Olympian Shani Davis Slams Opening Ceremony Flag Bearer Coin Toss
Mashable has reached out to Team USA for comment and will update this post pending any further information. Despite that resume, Hamlin - who is retiring after the Olympics - never thought she would be the pick.

Winter weather advisory issued for Saturday night, Sunday morning
Central Indiana may see several hours of light freezing rain starting early Sunday morning and continuing through mid-morning. We should see a little more than what we got last Tuesday , but it will NOT be an ice storm causing power outages.

Seoul confirms Kim Jong-Un sister's visit to South for Games
President Donald Trump and North Korean leader Kim Jong Un before the North Korean soldier defected in late November. Moon will also hold a lunch with the North Korean delegation, his spokesman, Kim Eui-kyeom, told a media briefing.

Travel warning as snow and ice forecast for north Wales
A very cold westerly airstream will bring frequent snow showers to many western and central areas on Sunday . Saturday won't be much different - although there will be some dry intervals at stages.

Canadian figure skaters modify 'edgy' sex position for Olympics
On that occasion, Lipnitskaya failed to medal in the individual competition as Russian teammate Adelina Sotnikova won gold. It wasn't a flawless skate, but as Radford put it, his most complex jumps, a pair of quads, "were fantastic ".