Now Hackers Are Mining Crypto On Government Websites

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
NOW Hackers Are Mining Crypto On Government Websites
futurism.com: Now hackers are mining crypto on government websites

In Brief

Hackers hijacked software intended to help people with disabilities to mine cryptocurrency, affecting more than 4,000 websites around the world.

If you know any bitcoin investors, you might notice that they seem a little bummed lately. After months of an upward trend, the value of bitcoin (along with
some lesser-known cryptocurrencies, such as Ethereum and Ripple) recently slumped, leading to some predictions that that the “bubble” of its inflated value is beginning to pop, that cryptocurrency in general is on its way out.
But hackers don’t believe it — they’re all in on crypto. They’re in so deep, in fact, that they’re hijacking thousands of websites, including those that belong to reputable entities like the U.K.’s National Health Service and the U.S. court system, to mine the stuff,
according to The Register.
You might ask: What do so many disparate sites have in common? They all use a plug-in called
Browsealoud, which allows blind or partially-sighted people to listen to the text that appears on screen. That’s what the hackers used to hijack the websites.
That’s right. The culprits exploited accessibility software to mine cryptocurrency. Real classy.
In the early hours of February 11, 2018 malware intended to mine lesser-known cryptocurrency
monero was added to Browsealoud’s code. It ran on some 4,200 affected websites for several hours. So whenever an unsuspecting visitor accessed those sites, the mining script would run in their web browser, without the users’ consent, generating cryptocurrency for the hackers. By the afternoon, Browsealoud’s team had realized the issue and shut down its service while it repaired its code.
Authorities aren’t yet sure who the hackers are. But the company at least has been clear: the hackers’ actions were illegal.



The breach is bad news for more than just Browsealoud, and for the sites that use it. It reveals a weakness of the modern internet as a whole. Most web sites rely on just a few providers of various services — almost
half of the web sites that track user activity via cookies, for example, use the same software. That means that if hackers can crack that one common software, they can take advantage of thousands, or even millions, of sites that rely upon it.

The web sites themselves have little control over it. And even though Browsealoud had been preparing for such a breach over the past year, according to a company statement, there wasn’t much their clients could do after the attack.


Yes, breaches are bad, but ultimately, consumers didn’t suffer too much from this one. The hackers didn’t steal any user information (that could be particularly bad for users typing in their most personal identifying information to government web sites), they didn’t infect computers with buggy software. They just mined some cryptocurrency, and probably made the environment just a bit worse off for it.

And in that regard, they’re far from the only ones.

How does Bitcoin mining work? - BBC Newsnight


*futurism.com: Futurism - Building the future together
 
Last edited:

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,716
@Prorootect-passing this on to you cyptominer specialist extreme. Take a look at the first link in this post:

Intel Releases Spectre Patches for More CPUs

securityweek.com. Do you get rampant CPU usage. CPU went up to 70-100% here every time I clicked on this link. I guess you would know more than I what to do with this information but I will be happy to follow any guidance you might have like contact web admin or whatever. Hope securityweek.com isn't infected or worse choosing to use a miner...
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
This link is safe, NO miner: Intel Releases Spectre Patches for More CPUs | SecurityWeek.Com
My anti-miner add-ons are sleeping.. minerBlock and Coin Mining Blocker

Some first seconds, each link has greater CPU load, but after 3-4 seconds al is OK., 0% (to 3% sometimes) CPU load - normal.

haha then I'm not specialist, we have specialists on MT sure, but me?..
 
Last edited:

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
@Prorootect-passing this on to you cyptominer specialist extreme. Take a look at the first link in this post:

Intel Releases Spectre Patches for More CPUs

securityweek.com. Do you get rampant CPU usage. CPU went up to 70-100% here every time I clicked on this link. I guess you would know more than I what to do with this information but I will be happy to follow any guidance you might have like contact web admin or whatever. Hope securityweek.com isn't infected or worse choosing to use a miner...
I saw the page. I found there are so many ads and banners in this website (ublock reported 34)
I found no malicious mining script there so there is no worry
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top