Bitcoin-mining hackers hijack government websites


Here's how to protect yourself from hacked sites that could turn your computer into a cryptocurrency miner.

Thousands of global government websites – including some in Australia – have been hit by a cryptocurrency-mining hack, forcing them to run scripts that use visitors' computer power to mine cryptocurrencies like Bitcoin, Litecoin, Ethereum and others.

These aren't insignificant sites either. They include sites for Queensland government legislation, Queensland Urban Utilities, the Victorian parliament and South Australia's City of Unley, according to iTnews.

In the UK, the Information Commissioner's Office and the Student Loan Company have both been affected, with the General Medical Council and NHS Inform also found running the script. In the US, the Indiana Government and the US courts system were also discovered to be running the crypto-jacking script.

The mining script comes from Coinhive, a company that claims its product can help you “monetise your site visitors” by sucking their CPU power and using it to mine cryptocurrencies.

Coinhive's script was able to run across all of these sites thanks to a piece of software called BrowseAloud. Embedded in all of the affected sites, TextHelp's BrowseAloud software offers accessibility services to those with visual or literacy impairments who are browsing the web. Sometime last weekend, a third party made modifications to BrowseAloud by adding the Coinhive mining software.

Since news of the breach came to light, TextHelp has withdrawn BrowseAloud while it resolves the problem.

We’ve explained the dangers of drive-by cryptocurrency hackers previously, although in this case, the crypto-jacking script doesn't appear to be particularly malicious. While it may utilise your computer's CPU power – and therefore slow your computer down – it doesn't appear to capture sensitive information you may have entered on any of the government sites you've visited.

A spokesperson for the UK’s National Cyber Security Centre (NCSC) said: “NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency… At this stage there is nothing to suggest that members of the public are at risk.”

This type of crypto-jacking script has been found previously on video streaming sites, torrent website The Pirate Bay and even YouTube advertisements.

If you're worried about becoming a victim of crypto-jacking, you can install a content blocker that’ll scramble the script and flag the plugin. The No Coin browser add-on for Firefox, Chrome and Opera is one such tool. Interestingly, Opera comes with crypto-jacking protections embedded into both its mobile and desktop iterations.

This news story is based on an article that originally appeared at IT Pro.

Copyright © ITPro, Dennis Publishing
