Over the past few months, websites and servers have been repeatedly targeted by malware that forces web browsers to secretly mine cryptocurrencies while using sites. This software has frequently breached, and in many cases succeeded in thousands of instances, websites within the government itself across the United States and United Kingdom.
The malware, also known as cryptojacking, is extremely problematic for security protocols. Malware of this nature is most commonly inserted into website codes and plugins, making unsuspecting users extremely vulnerable to this sort of assault.
Many sites were affected this weekend in the US, UK, and Australia, including government websites and services such as the National Health Service, the Student Loans Company, among others. In each instance, the malware forces visitors’ computers to mine cryptocurrency while using the site, per a Guardian report.
“This type of attack isn’t new – but this is the biggest I’ve seen. A single company being hacked has meant thousands of sites impacted across the UK, Ireland and the United States. Someone just messaged me to say their local government website in Australia is using the software as well,” Scott Helme, an IT security consultant, commented to Sky News.
Consequently, several websites were taken down to rectify the issue. In one instance, website codes were compromised via BrowseAloud, a popular plugin that helps the blind and partially-sighted people access the web. In total, over 4,000 websites were affected by the malware.
The BrowseAloud plugin appears to have been responsible for the malware breach, utilizing software known as Coinhive. The software stealthily utilizes the processing power of a user’s device to mine open-source cryptocurrency Monero. The malware is often traceable or surfaced through simple antivirus checks.
For example, government authorities were initially made available to the malware after a user noticed an issue in their antivirus software visiting a UK government website.
A spokesperson for the National Cyber Security Centre noted: “NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency. The affected services have been taken offline, largely mitigating the issue. Government websites will continue to operate securely. At this stage there is nothing to suggest that members of the public are at risk.”