Government sites infected by cryptocurrency miners

Posted on Monday, Feb 12 2018 @ 11:46 CET by Thomas De Maesschalck
Cryptojackers, online scripts that steal your CPU cycles to mine cryptocurrency, are spreading like wildfire. They're also showing up in a lot of unexpected places, The Register writes thousands of websites around the world were inadvertent running Coinhive's Monero miner, including many US and UK government pages.

Browsealoud was to blame, this is a plug-in that reads out webpages for blind or partially sighted people. Unfortunately, the service got hacked and started serving hidden mining code.
A list of 4,200-plus affected websites can be found here: they include The City University of New York (cuny.edu), Uncle Sam's court information portal (uscourts.gov), Lund University (lu.se), the UK's Student Loans Company (slc.co.uk), privacy watchdog The Information Commissioner's Office (ico.org.uk) and the Financial Ombudsman Service (financial-ombudsman.org.uk), plus a shedload of other .gov.uk and .gov.au sites, UK NHS services, and other organizations across the globe.

Manchester.gov.uk, NHSinform.scot, agriculture.gov.ie, Croydon.gov.uk, ouh.nhs.uk, legislation.qld.gov.au, the list goes on.
Texthelp, the developer of Browsealoud, addressed the issue immediately and pulled the altered code.


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments