UK, US government websites hacked to mine cryptocurrency

"We don't know how Texthelp were compromised yet, so it is hard to say whether they were really unlucky or there was some kind of inherent problem with what they were doing".

Major sites affected internationally include the UK's National Health Service and the USA court information system.

As well as the ICO website, the hacked script was found running on the site of the Student Loans Company, Barnsley Hospital and other websites in the United Kingdom and worldwide.

The illicit cryptocurrency mining, known as cryptojacking, took place on more than 4,200 websites on February 11, using a malicious version of a tool called Browsealoud. A program called Coinhive, which mines monero - a rival to bitcoin - was added to the plugin. As of Monday morning the ICO continued to display a message on the website's front page stating that it was unavailable.

"At a high-level mining is simply using system resources to solve large mathematical calculations which result in some amount of cryptocurrency being awarded to the solvers", Cisco researchers wrote in a research note.

Although responsibility ultimately lies with Texthelp, Helme suggested government websites should be held to a higher security standard if they use third-party services, such as Browsealoud.

While the computers of countless people were likely used by the attackers to mine the cryptocurrency, it appears that site visitors are completely in the clear, with Texthelp reporting "no customer data has been accessed or lost".

Texthelp said no customer information has been exposed due to the security lapse, and "Browsealoud [was removed] from all our customer sites immediately, addressing the security risk without our customers having to take any action".

Affected websites in other countries cover similar ground - sites that stand to gain from the accessibility features provided by the Browsealoud plugin.

Martin McKay, Texthelp's chief technology officer, said the compromise was a criminal act and was being investigated.

"NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency", a spokesperson said.

However, the National Cyber Security Centre (NCSC) said that the affected services had been taken offline and that there was no indication the public is at risk, The Guardian reports.

Unfortunately, security teams lack visibility into all of the ways that they can be attacked externally, and struggle to understand what belongs to their organisation, how it's connected to the rest of their asset inventory, and what potential vulnerabilities are exposed to compromise.
