Cryptojacking: Malware for mining cryptocurrency infected US and UK websites

Cryptojacking: Malware for mining cryptocurrency infected US and UK websites
Click for full image

UK: Hackers have resorted to a new method for mining cryptocurrency. This time they have infected the websites with malware that can mine cryptocurrencies like Bitcoin and Ethereum.

According to the news reported in ibtimes, this has been done with a process called “cryptojacking” that make infected sites run a program to help them use visitors’ computers to mine cryptocurrencies.

On Sunday, the malware was discovered on the website of UK’s Information Commissioner’s Office. This site was infected with Coinhive in-browser mining (cryptojacking) script.

It was first identified by Scott Helme, an IT security consultant, who later discovered that the Coinhive miner was injected in other government sites like uscourts.gov, nhsinform.scot and manchester.gov.uk.

In an article, Helme wrote that “If you want to load a crypto miner on 1,000+ websites you don’t attack 1,000+ websites, you attack the 1 website that they all load content from. In this case, it turned out that Text Help, an assistive technology provider, had been compromised and one of their hosted script files changed.”

The UK National Cyber Security Centre (NCSC) said that “The affected services have been taken offline, largely mitigating the issue. Government websites will continue to operate securely. At this stage there is nothing to suggest that members of the public are at risk.”