Hackers Hit the USA and UK Government Websites to Mine Crypto-Cash

Share

However, the ICO website was still offline at the time this article was published.

"At a high-level mining is simply using system resources to solve large mathematical calculations which result in some amount of cryptocurrency being awarded to the solvers", Cisco researchers wrote in a research note.

Malmo University and Lund University in Sweden, among other Swedish education institutions, were also affected by the hack.

The Register added the affected sites were mining the Monero cryptocurrency.

The attack was first raised on Twitter by Scott Helme, a security researcher and founder of Report Uri, the real-time cybersecurity-reporting startup, who was alerted by a friend who'd received a warning that the ICO's site was compromised.

India won by 9 wickets at Centurion
South Africa , playing without any spinners, looked out of ideas to stop the two with no variety in their bowling. However, he hasn't been able to replicate that form so far in this series.

Helme said that the scripts appeared to have been placed using a third-party compromise and pointed to the script that had been used to effect the compromise. They include sites for Queensland government legislation, Queensland Urban Utilities, the Victorian parliament and South Australia's City of Unley, according to iTnews. The digital currency generated by visitors to the sites is pocketed by the attackers who injected the code onto the sites.

The list spans the USA and United Kingdom as well as Australia.

"That's it. With that tiny change to how the script is loaded, this attack would have been completely neutralised".

Because the malware only runs while someone is actively visiting an infected site, there is no further risk to users' computers, Mr Helme claimed. Coinhive hijacks the processing power of a user's computer to mine the cryptocurrency Monero. Closing the window stops the code from running.

The malicious code inserted cryptocurrency mining software from Coinhive into the Browsealoud plugin.

United Kingdom govt unveils multi-platform system to detect terrorist content online
According to the BBC , UK home secretary Amber Rudd said the government may end up legally forcing tech companies to use the tool. Larger tech companies such as Facebook have started using their own AI tools to remove terror content .

The plug-in was tampered with overnight to add the Coinhive program.

Texthelp stated that it had disabled Browsealoud and shut down the operation as its engineering team investigated the issue.

"This removed Browsealoud from all our customer sites immediately, addressing the security risk without our customers having to take any action", said Texthelp data security officer Martin McKay.

The National Cyber Security Centre (NCSC) said it was also looking into the incident.

"The affected services have been taken offline, largely mitigating the issue".

London City airport cancels all flights after WWII bomb found
Thousands of bombs were dropped on London during the "Blitz" by German Air Forces between September 1940 and May 1941 during World War II.

More than 4,000 websites are said to have been hacked, including the IN state government's website, the United States Courts' website and many UK government, ones such as the ICO, but the affected code had now been disabled, the BBC reports.

Share