Australian govt sites hijacked by crypto miner

Share

Thousands of websites, including ones run by USA and United Kingdom government agencies, were infected for several hours on Sunday with code that causes web browsers to secretly mine digital currencies, technology news site The Register reported.

The Register highlighted that the affected websites used the plugin Browsealoud, which is produced by Texthelp Limited.

Hackers exploited a vulnerability in the popular browser plug-in Browsealoud, a programme that converts website text to audio for visually impaired users.

Hackers used the same browser plug-in that the United Kingdom government was exposed with, Browsealoud, with the developers of the extension, Texthelp, confirming hackers infused crypto mining software Coinhive into their extension. Coinhive hijacks the processing power of a user's computer to mine the cryptocurrency Monero.

"If you want to load a crypto miner on 1000+ websites you don't attack 1000+ websites, you attack the 1 website that they all load content from", Helme said.

Britain's National Cyber Security Centre said the issue was being investigated, and there was nothing to suggest the public was at risk.

Scott Helme, a UK-based security researcher who discovered the malware, said government websites could have done more to prevent the attack.

"But there were ways the government sites could have protected themselves from this. Seems to have hit other government sites too including the United States and Australia".

"The attacker added malicious code to the file to use the browser CPU in an attempt to illegally generate cryptocurrency", said Texthelp.

A database of affected websites, which has been checked by security analysts to verify those listed, included the sites of the Health Service Executive (HSE) and Oireachtas as well as a number of local authorities.

Share