Thousands of websites hijacked to mine cryptocurrency

Share

Security researcher Scott Helme was alerted to the hack by a friend who sent him antivirus software warnings received after visiting a UK Government website. Trócaire, the Irish aid agency, and the Department of Agriculture were also listed on the database. The hackers do this by inserting software into websites which then means that, unbeknown to them, visitors' computers are put to work mining cryptocurrencies.

"We don't know how Texthelp were compromised yet, so it is hard to say whether they were really unlucky or there was some kind of inherent problem with what they were doing".

Websites, including those belonging to the Information Commissioner's Office, Student Loans Company and Scottish NHS helpline, were infected with a virus. The website plug-in helps people with dyslexia, low vision and low literacy use the Internet.

This was first noticed earlier this morning by infosec consultant Scott Helme when he saw that United Kingdom government site ico.org.uk was utilizing the the Coinhive in-browser mining (cryptojacking) script. The more processing power it has access to, such as via thousands of browsers on thousands of websites, the easier it is to generate cryptocurrency.

Pence raises prospect of United States talks with North Korea
The North then withdrew its request after it asked for more fuel than Seoul was willing to provide, a Seoul official added. It has shown no interest so far in negotiating over global demands to give up its nuclear and missile programs.

"The affected service has been taken offline, largely mitigating the issue". Offloading those costs to random web users by injecting miners into other peoples' websites, an attack called cryptojacking, has quickly become widespread and prior attacks are estimated to have generated hundreds of thousands in profits for hackers.

"If you want to load a crypto miner on 1,000+ websites you don't attack 1,000+ websites, you attack the 1 website that they all load content from", Helme wrote on his blog.

The hack added the Coinhive program to the impacted websites.

Texthelp's chief technology officer Martin McKay has released a statement, saying the compromise was a criminal act.

Canada wins figure skating team event gold at Pyeongchang Olympics
Here's everything you need to know about the Team Canada athletes vying for Gold in Pyeongchang, South Korea this month. Zagitova, skating at her first Olympics, turned in a sizzling performance to composer Leon Minkus's "Don Quixote".

Browsealoud operator Texthelp said it taken the tool offline as soon as one of its automated scans had discovered the modified file.

Other government sites affected include Victoria's City of Casey council, Western Australia's City of Bayswater council, South Australia's City of Unley council, and the office of the Queensland Public Guardian, which protects the rights of young children in care.

Helme documented the attack on his website, while Texthelp said an investigation was under way.

Omarosa's 'Celebrity Big Brother' status unclear after hospitalization from asthma attack
Asked by Matthews if the nation should be anxious , she nodded yes, adding tearfully, "It's not going to be OK". The season began Wednesday, Feb. 7, and the incident occurred following episode three, which aired Friday.

Share