Hackers secretly made UK Government websites force visitors’ computers to mine bitcoin alternative monero



Several Government websites have been secretly forcing visitors’ computers to mine bitcoin alternative monero for cyber criminals.

One of the affected sites – that of the Information Commissioner’s Office – was temporarily taken down as a result.

The Student Loans Company’s website was also affected, as were NHS websites, the Pensions Advisory Service, the Financial Ombudsman Service and many more.

Security researcher Scott Helme traced the issue to Browsealoud, software that makes it easier for blind and partially sighted people to use the internet. 

It was recently compromised by cyber criminals, who added a cryptojacking script to it.

As a result, everyone who visited a website that ran Browsealoud would secretly have their computer’s processing power used to earn money for cyber criminals, by mining monero.

Texthelp, the company behind Browsealoud, has taken the service down temporarily.

“At 11:14 am GMT on Sunday 11th February 2018, a JavaScript file which is part of the Texthelp Browsealoud product was compromised during a cyber attack,” it said. 

“The attacker added malicious code to the file to use the browser CPU in an attempt to illegally generate cryptocurrency. This was a criminal act and a thorough investigation is currently underway.”

It says the exploit “was active for a period of four hours on Sunday”, and adds that no customer data was stolen or lost as a result of the hack.

Cryptojacking incidents, in which people’s devices are quietly hijacked and forced to mine digital currencies for other people, have become increasingly common since bitcoin’s spectacular price rise in 2017.

The trend is likely to continue, as successful attacks can help criminals earn a significant amount of money.

“NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency,” the National Cyber Security Centre said.

“The affected service has been taken offline, largely mitigating the issue. Government websites continue to operate securely. At this stage there is nothing to suggest that members of the public are at risk.”

We’ve teamed up with cryptocurrency trading platform eToro. Click here to get the latest Bitcoin rates and start trading. Cryptocurrencies are a highly volatile unregulated investment product. No EU investor protection. 75% of retail investor accounts lose money when trading CFDs.





READ SOURCE

READ  Victorian man arrested in connection to cryptocurrency-related drug syndicate - ZDNet

LEAVE A REPLY

Please enter your comment!
Please enter your name here