Cryptojacking Has Now Spread To Government Websites
UK and Australian government websites have reportedly been used to secretly mine cryptocurrency. In a process now referred to as cryptojacking, malicious hackers infiltrate the computers of unsuspecting users by using malware. Usually, this malware latches onto popular third-party browser plugins when people visit an affected website. Once a user’s computer system is inflicted with this malware, programmed scripts use their CPU power to mine cryptocurrencies without their permission.
In what’s being considered a worldwide security breach, thousands of websites which include the UK’s data protection authority, National Health Service, Student Loans Company, and the Northern Powergrid have been targeted. Meanwhile, in Australia, official websites of the Victorian parliament, Queensland Civil & Administrative Tribunal (QCAT), Queensland ombudsman, and the Queensland Community Legal Center have all fallen victim to cryptojacking.
Browsealoud Plug-In Exploited by Cryptojackers
This particular series of attacks took advantage of a security vulnerability in the Browsealound plugin. Basically, Browsealoud is designed to help the visually impaired by converting text on websites to audio format. The simple plugin was exploited by Coinhive’s scripts (computer code), which were added onto to Browsealoud’s software, according to designers of the plugin. After the scripts had been inserted, they began to mine the Monero cryptocurrency.
Due to these malicious attacks, the Browsealoud plugin was deactivated on Monday. Now, any new users who visit the targeted websites will not be affected by the Coinhive mining script. The Queensland legislation website completely removed the Browsealoud plugin on their own recently. However, the plugin remained active on the Victorian parliament, QCAT and the Queensland ombudsman websites.
An Easy Problem To Solve
Scott Helme, a UK-based security consultant, stated that “When you load software like this from a third party, that third party can change it and make it do whatever they want…There are easy ways to make sure they don’t do that”. Mr. Helme managed to detect these mining scripts, and thinks that the governments have enough resources to stop them. Presently, it’s not clear exactly how Browsealoud was exploited, so it’s not yet possible to determine the particular faults or vulnerabilities that led to the cryptojacking, according to Helme.
An investigation has been launched by the company that made the Browsealoud plugin to find out just how these mining scripts managed to spread. Per the company, scripts ran for four hours on Sunday (February 11th) before being stopped. Luckily, no data was redirected as result of these attacks and only users’ CPUs were used to mine cryptocurrency, according to reports. Helme, who has now reported this event on his website, has pointed out that it’s understandable if a website run by a smaller organization was infiltrated. However, he feels that large entities such as governments should have better “defence mechanisms” in place to prevent such attacks.
Clearly, much better preventive measures need to be implemented in the overall security of websites. When users visit a particular website, they should feel confident that their privacy and security will not be compromised. It’s the responsibility of the website owners to provide a safe connection that will not allow visitors to be exploited in any manner.
Most of the popular browsers such as Google Chrome and Internet Explorer offer the option to install extensions which can prevent cryptojacking. Also, as reported earlier by Core Media, the desktop and mobile versions of the Opera browser now come with a built-in plugin that stops cryptojackers from launching their scripts on your computer.