Monday, December 5, 2022

Government Websites Hit With Crypto-Mining Malware Over the Weekend

Government Websites Hit With Crypto-Mining Malware Over the Weekend

Government websites in the U.S. and the U.K. were hit with what one source refers to as “rogue code” over the weekend. The instance is the latest in a long series of “crypto-jacking” incidents, where visitors’ computers are surreptitiously used by hackers to mine cryptocurrency without permission.

Also Read: Europol Worries About Billions in Bitcoin Money Laundering, but What About ‘Regulated’ Banks?

Subscribe to the Bitsonline YouTube channel for great videos featuring industry insiders & experts

Global Government Service Sites Affected

The code was first noticed by security researcher Scott Helme. He believes the malware may have been running on over 4,000 government websites, including those of the U.K.’s Information Commissioner’s Office (ICO) and the American Court System.

Thus far, sites known to have been affected by the malware include those belonging to NHS services, the Student Loans Company, and several English councils.

Helme tweeted his findings, saying:


Crypto-Jacking: A Running Theme

Hackers were allegedly using the malware and victims’ computers to mine Monero, a digital currency that has garnered serious traction in underground operations over the past several months.

“This type of attack isn’t new, but this is the biggest I’ve seen,” Helme said to reporters at Sky News. “A single company being hacked has meant thousands of sites impacted across the U.K., Ireland and the United States. Someone just messaged me to say their local government website in Australia is using the software as well.”

The software he’s referring to is Coinhive, which should ring serious bells with crypto-fans everywhere. Coinhive has been used in several widespread crypto-jacking operations, including those recently implemented through YouTube and Google Ads.

The necessary mining code was implemented via the popular plugin BrowseAloud, which is designed to assist vision-impaired individuals in accessing the web.

Investigation to Come

At press time, several affected websites have been shut down or taken offline, including that of an ICO. The National Cyber Security Center is currently investigating the incident and has released a follow-up statement informing members of the public not to worry, as their computer systems are likely unaffected.

“NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency,” spokespeople for the organization assured. “The affected services have been taken offline, largely mitigating the issue. Government websites will continue to operate securely. At this stage, there is nothing to suggest that members of the public are at risk.”

Helme also took a few moments to express his relief that the incident wasn’t any worse:

Is crypto-jacking likely to continue well into the future? Post your thoughts below.

Images via Pixabay, Monero

Bitsonline Email Newsletter