Friday, 19 October 2018

Australian govt sites hijacked by crypto miner

12 February 2018

After a friend's anti-virus program set off an alert on the site of the UK Information Commissioner's Office, Helme found the malicious script and traced it back to its source: Browsealoud.

The hack comes less than a year after the "Wannacry" cyber attack that disrupted computers belonging to more than a third of NHS trusts.

More than 4000 websites, including many belonging to governments around the world, were hijacked this weekend by hackers who managed to plant CoinHive code created to exploit the computer power of visiting PCs and mine for cryptocurrency. Thousands of sites, including the UK's National Health Service, and the UK's own data protection watchdog, were affected.

Manchester.gov.uk, NHSinform.scot, agriculture.gov.ie, Croydon.gov.uk, ouh.nhs.uk, legislation.qld.gov.au, the list goes on.

According to a report in The Register, the parties behind this hack targeted websites that use a plug-in called Browsealoud, which reads webpages aloud for people whose sight is impaired.

The hackers then used the extra processing power provided by users' devices to "mine" cryptocurrencies such as Bitcoin.

Scott Helme, the security researcher who first spotted the hack, said of the attack: "It means unsuspecting visitors to those websites have their devices - whether it be a phone, tablet or computer - also hacked.

"But there were ways the government sites could have protected themselves from this".

The National Cyber Security Centre in the United Kingdom has given an official statement on the matter, assuring people that "Government websites continue to operate securely", further stating that "there is nothing to suggest that members of the public are at risk".

Because the malware only runs while someone is actively visiting an infected site, there is no further risk to users' computers, Mr Helme said.

A spokesperson for the NCSC said: "Technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency".

In December The Guardian reported that almost 1 billion visitors to the video sites Openload, Streamango, Rapidvideo and OnlineVideoConverter were also being crypto-jacked.

"The exploit was active for a period of four hours on Sunday". Texthelp took the Browsealoud plugin offline on Monday morning.
