Hackers Hijack Australian and UK Government Websites to Mine Cryptos

It seems that this weekend was pretty fruitful for hackers. The website of the British Information Commissioner’s Office, the UK’s data protection watchdog, was taken offline in order to deal with crypto mining malware.

This particular malware was somehow inserted into the code of BrowseAloud, a plugin that helps blind and partially sighted people use the internet. Malicious code for the CoinHive software would then run in the background until the webpage was closed. As announced, the websites of the Information Commissioner’s Office, the Student Loans Company, the council websites for Manchester City, Camden, and Croydon, and the homepage of the United States Courts all had their computers’ processing power hijacked by hackers.

Scott Helme, an IT security consultant, said he received a message from a friend who said their anti-virus had detected an issue after they had visited a UK government site.

He said: “This type of attack isn’t new, but this is the biggest I’ve seen. A single company being hacked means that there were thousands of sites impacted across the UK, Ireland and the United States.” He also added that someone messaged him to say their local government website in Australia is using the software as well.

The website for the Parliament of Victoria and the Queensland government’s legislation website were also among the crypto-jacked websites.

Helme said that, using the same technique, malicious actors could have installed a keylogger that tracks people entering usernames and passwords, a malicious software update or a virus.

“At this point, the attacker is limited by their imagination,” he said and added that right now, the worst-case scenario is that people probably made some money for a criminal gang.

Australian cybersecurity researcher and Helme’s co-worker Troy Hunt said that Australia may have “gotten off lightly” thanks to the country’s time zone. Most Australians were asleep while the compromised plug-in was operational. “There was an awful lot more hackers could have done,” Hunt said.

Teuta Franjkovic
