However, the ICO website was still offline at the time this article was published.
"At a high-level mining is simply using system resources to solve large mathematical calculations which result in some amount of cryptocurrency being awarded to the solvers", Cisco researchers wrote in a research note.
Malmo University and Lund University in Sweden, among other Swedish education institutions, were also affected by the hack.
The attack was first raised on Twitter by Scott Helme, a security researcher and founder of Report Uri, the real-time cybersecurity-reporting startup, who was alerted by a friend who'd received a warning that the ICO's site was compromised.
Notley pushes for progress in BC pipeline dispute
Opposition leader Jason Kenney wants an emergency debate on the province's pipeline dispute with British Columbia. The Alberta government has formed a task force to deal with retaliatory measures against B.C.
Helme said that the scripts appeared to have been placed using a third-party compromise and pointed to the script that had been used to effect the compromise. They include sites for Queensland government legislation, Queensland Urban Utilities, the Victorian parliament and South Australia's City of Unley, according to iTnews. The digital currency generated by visitors to the sites is pocketed by the attackers who injected the code onto the sites.
The list spans the USA and United Kingdom as well as Australia.
"That's it. With that tiny change to how the script is loaded, this attack would have been completely neutralised".
Because the malware only runs while someone is actively visiting an infected site, there is no further risk to users' computers, Mr Helme claimed. Coinhive hijacks the processing power of a user's computer to mine the cryptocurrency Monero. Closing the window stops the code from running.
The malicious code inserted cryptocurrency mining software from Coinhive into the Browsealoud plugin.
London City airport cancels all flights after WWII bomb found
Thousands of bombs were dropped on London during the "Blitz" by German Air Forces between September 1940 and May 1941 during World War II.
The plug-in was tampered with overnight to add the Coinhive program.
Texthelp stated that it had disabled Browsealoud and shut down the operation as its engineering team investigated the issue.
"This removed Browsealoud from all our customer sites immediately, addressing the security risk without our customers having to take any action", said Texthelp data security officer Martin McKay.
The National Cyber Security Centre (NCSC) said it was also looking into the incident.
"The affected services have been taken offline, largely mitigating the issue".
You won't BELIEVE what this woman did inside an airport X-ray machine
A video, which has gone viral on social media, shows the unidentified woman getting down from the conveyor belt. Even if you're particularly attached to your belongings, don't jump into an X-ray machine.
More than 4,000 websites are said to have been hacked, including the IN state government's website, the United States Courts' website and many UK government, ones such as the ICO, but the affected code had now been disabled, the BBC reports.