Table of Contents
Cryptomining malware found in US, UK, and Australian government websites
There were a number of reports late last year concerning websites featuring drive-by cryptomining—a practice that uses the CPUs of visitors to surreptitiously mine crytpocurrencies. Now, it’s been discovered that thousands of sites, including many from the US, UK, and the Australian governments, were infected with the same Monero miner from Coinhive.
READ ALSO –>
INTERESTING AS BITCOIN BRIEFLY DROPS BELOW $6000; OVER $550 BILLION WIPED OFF CRYPTOCURRENCY MARKET IN UNDER ONE MONTH
We still don’t know who was behind the attacks. Some of the 4200 affected sites included The City University of New York (cuny.edu), the court information portal (uscourts.gov), Lund University (lu.se), the UK’s Student Loans Company (slc.co.uk), privacy watchdog The Information Commissioner’s Office (ico.org.uk) and the Financial Ombudsman Service (financial-ombudsman.org.uk), along with several Australian government sites, including both the Queensland and Victoria parliaments.
As with most (though not all) cryptpominers, the mining process ended when users left the pages or closed their browser tab. Thankfully, the code was only active for several hours on February 11 before Texthelp disabled the plugin.
“In light of other recent cyber attacks all over the world, we have been preparing for such an incident for the last year and our data security action plan was actioned straight away,” said Texthelp’s chief technology officer Martin McKay in a statement.
“Texthelp has in place continuous automated security tests for Browsealoud, and these detected the modified file and as a result the product was taken offline.”
The company added that no customer data has been accessed or lost. Further updates will be provided when the investigation has been completed.