US & UK Govt Sites Injected With Miners After Popular Script Was Hacked

US & UK Govt Sites Injected With Miners After Popular Script Was Hacked

US & UK Govt Sites Injected With Miners After Popular Script Was Hacked

"A single company being hacked has meant thousands of sites impacted across the UK, Ireland and the United States", said Helme in an interview with Sky News.

A database of affected websites, which has been checked by security analysts to verify those listed, included the sites of the Health Service Executive (HSE) and Oireachtas as well as a number of local authorities.

Those that visited the compromised websites would have their computer hardware hijacked in order to mine Monero for the perpetrators.

"The ba.js had been altered to include a document.write call that added a CoinHive crypto miner to any page it was loaded in to". Coinhive, which takes a 30 per cent cut of anything mined using unmodified versions of its plugin, officially discourages embedding their miner in websites without informing users up front that it may take a (sometimes significant) slice of their computers' processing power.

The malicious code as it appeared on the site of the US courts service. Credit Scott Helme
The malicious code as it appeared on the site of the US courts service. Credit Scott Helme

The Register highlighted that the affected websites used the plugin Browsealoud, which is produced by Texthelp Limited.

The malware have infected government sites on Sunday after a browser plug-in made by a third-party was compromised.

Malicious code for software known as "Coinhive", a program advertising itself as "A Crypto Miner for your Website" would start running in the background until the webpage is closed.

"We don't know how Texthelp were compromised yet, so it is hard to say whether they were really unlucky or there was some kind of inherent problem with what they were doing". It said it is investigating the incident. "It may have been hard for a small website, but I would have thought on a government website we should have expected these defence mechanisms to be in place".

Читайте также: Dubai's iconic buildings light up in Indian tri-colour

While the computers of countless people were likely used by the attackers to mine the cryptocurrency, it appears that site visitors are completely in the clear, with Texthelp reporting "no customer data has been accessed or lost". "The Browsealoud service has been temporarily taken offline and the security breach has already been addressed, however Browsealoud will remain offline until Tuesday 12.00pm GMT".

According to the UK National Cyber Security Centre, there is nothing to suggest that members of the public are at risk at this point.

The office of the Queensland Parliamentary Council, which operates the Queensland legislation website, and the Victorian parliament have been contacted for comment.

При любом использовании материалов сайта и дочерних проектов, гиперссылка на обязательна.
«» 2007 - 2018 Copyright.
Автоматизированное извлечение информации сайта запрещено.

Код для вставки в блог

Related news