February 12, 2018 by

Cryptomining Malware Discovered in US, UK Government Websites

Thousands of websites around the world, including those belonging to UK and US governments, have been infected with malware that secretly mines cryptocurrencies, researchers revealed.

First discovered by British security researcher Scott Helme, the malware attack is the first of its kind: a new breed of hackers has launched a comprehensive campaign to compromise websites so that they mine cryptocurrencies like bitcoin.

“If you want to load a crypto miner on 1,000+ websites you don’t attack 1,000+ websites, you attack the 1 website that they all load content from,” Helme said.

As The Register reports, all the affected websites use Browsealoud, a popular plugin that reads out webpages to partially sighted or blind people. The technology behind the plugin, however, was compromised by hackers who tweaked its source code to inject a Monero miner into every webpage offering the plugin.

As a result, any user visiting a website with the embedded plugin ran the hidden mining code on their computer. Over 4,200 websites were compromised. The developer of the compromised plugin said it took the affected version of the plugin offline after it was found to be compromised.

“This was a criminal act and a thorough investigation is currently underway,” the company said in a statement.

The incident has been a long time coming. Researchers have previously warned of new variants of malware that funnel profits to their authors while being completely clandestine. Cryptomining malware, in particular, has “exponentially increased,” wrote researchers at Cisco Talos.

“At a high-level mining is simply using system resources to solve large mathematical calculations which result in some amount of cryptocurrency being awarded to the solvers,” Cisco researchers wrote in a research note.

Thankfully, however, the code was only active for a handful of hours on February 11 before the plugin’s developer disabled the compromised plugin.
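Helme's point above is that every page embedding a third-party script runs whatever that one host serves. As an added example (not from the article or the plugin's developer), this Python audit lists a page's cross-origin scripts and flags those without a Subresource Integrity `integrity` attribute, a browser mechanism the article does not mention; the sample page, hostnames and function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample page; every hostname is a placeholder, not from the article.
SAMPLE_PAGE = """<html><head>
<script src="/static/app.js"></script>
<script src="https://cdn.plugin-vendor.example/reader.js"></script>
<script src="//cdn.lib.example/lib.min.js"
        integrity="sha384-CONSTRUCTED-PLACEHOLDER" crossorigin="anonymous"></script>
<script>console.log("inline");</script>
</head><body><p>Services</p></body></html>"""


def origin(url):
    """Scheme and host[:port] of a URL, the unit the page's trust is extended to."""
    parts = urlsplit(url)
    return parts.scheme.lower(), parts.netloc.lower()


class ThirdPartyScripts(HTMLParser):
    """Record every <script src> that is fetched from another origin."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag != "script" or not src:
            return  # not a script, or an inline script with nothing to fetch
        absolute = urljoin(self.page_url, src.strip())  # resolves "/x" and "//host/x"
        if origin(absolute) == origin(self.page_url):
            return  # first-party script
        integrity = (dict(attrs).get("integrity") or "").strip()
        self.findings.append({"src": absolute, "pinned": bool(integrity)})


def audit(html, page_url):
    """Return one finding per third-party script in the page."""
    parser = ThirdPartyScripts(page_url)
    parser.feed(html)
    parser.close()
    return parser.findings


def unpinned(html, page_url):
    """Third-party scripts the page would run with whatever content the host serves."""
    return [f["src"] for f in audit(html, page_url) if not f["pinned"]]
```

The audit checks only that an `integrity` attribute is present, not that its digest is correct; a browser that supports Subresource Integrity refuses to run a script whose content does not match the digest.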

About the author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.
