Hackers appear to have succeeded in mounting a massive attack that results in the cryptocurrency Monero being secretly mined, without users knowing it.
The shocking part of this news is that over 4,000 sites, mostly belonging to government agencies in the U.K., the U.S. and Australia, have been found to be affected.
Scott Helme, a security researcher in the U.K., was the first to discover the cyber attack.
He detailed his findings in a blog post.
The malware detected to be involved in this type of illegal cryptocurrency mining is associated with a hacking practice known as cryptojacking.
Hackers use a website's code and plugins to insert the malware. Once it is in place, users will not know that their systems are being used by the cryptojackers for cryptocurrency mining in the background.
Many government-run sites, such as the National Health Service and the Student Loan Company in the U.K., are included in the list of 4,000 sites identified to be loading the infected file.
It has been found that a particular plugin, called Browsealoud, has been used to insert the malware. This dedicated plugin, developed by a U.K. firm, is meant to help people with visual impairments access the internet.
It has also come to light that the cryptojackers used a particular software program called CoinHive to tap into the breached device and carry on with cryptocurrency mining.
There is really no way of knowing the amount of Monero or any other currency the cryptojackers would have already gained through this process.
Sites Brought Down
Site owners and users could breathe easy for two reasons. First, the malware is easily detectable and can be eliminated. Second, no ransom demand or data theft has been reported so far.
Nonetheless, a hack is a hack and it exposes vulnerabilities in the network. Within months of an anti-malware solution being found, the hacking community will always come up with another, possibly even more dangerous cyber attack than the previous one.
In this case, the moment a cybersecurity researcher noticed the cryptocurrency mining operation and raised the alarm, the sites ran their checks and wherever the malware was located, it was isolated and removed.
The affected sites had to be shut down at least momentarily to accomplish this cleanup process. The Browsealoud program was also temporarily brought offline.
Texthelp, the developer of the Browsealoud product, released a statement saying that they are working with the National Crime Agency and The National Cyber Security Centre to conduct an investigation into the attack.
Not the First Instance of the Kind
Experts analyzing the cryptojacking and cryptocurrency mining operation confirm that this is not the first time an attack of this kind has been committed.
However, the sheer size and magnitude of the malware attack have left many astounded.
The company that developed Browsealoud has also said it is working on the software after disabling it and users may receive a patch soon to remedy the loophole.
The concerned government organizations have also put out announcements saying that the public at large should not panic since no damage has been done and in most cases, the sites are back to functioning normally again.
Can Slow Down Your System
Once the CoinHive miner becomes active in drawing power from the device for cryptocurrency mining, the affected system will automatically slow down, making it difficult for the victim to continue to use the device.
That's why websites, particularly government-run sites, need to ensure they're protected from any viruses at all times to avoid attacks from cryptojackers.
This is the bane of technology: despite taking all the precautions, someone else's indifference could cost users their security.
Installing a powerful anti-malware program is a must, and having your system scanned after visiting any suspicious site is also advisable to stay safe from malware attacks.
At the same time, there are steps that the affected governments need to initiate to make their websites free from any viruses.
Particularly, where the websites are accessed by the general public, the onus is on the concerned departments to ensure that their servers and network systems remain updated and periodically scanned for offending malware.
And finally, the companies engaged in developing dedicated programs like Browsealoud have to exercise care in fortifying their code, to make the program safe.
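As an added illustration (not code from this article or from any party it names), the following Python example shows one way a site owner could run the periodic scan called for above. It reports externally hosted scripts that load without a Subresource Integrity `integrity` attribute and flags CoinHive strings; the host names, key, sample page and marker list are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed marker list for the CoinHive browser miner; extend for other miners.
MINER_MARKERS = ("coinhive.min.js", "coinhive.anonymous", "coinhive.user")

class ScriptAudit(HTMLParser):
    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host
        self.findings = []    # (kind, detail) tuples
        self._inline = None   # text chunks of the inline script being read

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        attr = dict(attrs)
        src = attr.get("src") or ""
        self._inline = None if src else []  # no src: collect the inline body
        if any(m in src.lower() for m in MINER_MARKERS):
            self.findings.append(("miner-marker", src))
        host = urlparse(src).netloc  # empty for same-site relative paths
        if host and host != self.site_host and not attr.get("integrity"):
            # Nothing pins this file: the page runs whatever that host serves.
            self.findings.append(("third-party-no-sri", src))

    def handle_data(self, data):
        if self._inline is not None:
            self._inline.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._inline is not None:
            body = "".join(self._inline).lower()
            if any(m in body for m in MINER_MARKERS):
                self.findings.append(("miner-marker", "inline script"))
            self._inline = None

def audit(html, site_host):
    parser = ScriptAudit(site_host)
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample page; every host name and key here is a placeholder.
SAMPLE_PAGE = """<html><head>
<script src="https://plugin.example/reader.js"></script>
<script src="https://cdn.example/lib.js" integrity="sha384-CONSTRUCTED" crossorigin="anonymous"></script>
<script>var miner = new CoinHive.Anonymous('CONSTRUCTED-KEY');</script></head></html>"""
```

A browser refuses to run a script whose content does not match the hash in its `integrity` attribute, so a `third-party-no-sri` finding marks an embed through which a modified plugin file would reach every visitor.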