Government Sites Caught Cryptojacking Off People’s Computers, Crypto Malware Infects 4200 Sites

Where on earth you won’t expect cryptojacking scripts exploiting people’s machine for cryptocurrencies?¬†Probably, the websites owned by feds. But it turns out, it isn’t entirely true.

Now, before one starts to think that the governments had a change of heart and began to harvest crypto coins, the story involves malicious actors, because, of course.

Scott Helme, a UK-based security researcher, has uncovered that a cryptocurrency mining script was injected in Text Help’s accessibility services plugin called BrowseAloud. The web screen reader which helps people with visual impairments is embedded in more than 4,000 websites, many of them belonging to governments.

He started his investigation after his friend saw AV software warnings when visiting the website of UK’s Information Commissioner’s Office. According to Helme’s blog post, a third party managed to modify BrowseAloud and stuff CoinHive mining software.

“If you want to load a crypto miner on 1,000+ websites you don’t attack 1,000+ websites, you attack the 1 website that they all load content from,” Helme wrote.

The scope of the cryptocurrency miner is not just limited to the UK, but also expands to other countries including Australia, Ireland, US, etc. Some of the affected government sites went offline to fix the issue.

Helme said attacks like these aren’t new and they can be mitigated by making some changes. For users, there are some options available which can help them deal with cryptojacking scripts. For instance, Opera browser comes with a built-in tool to prevent cryptocurrency mining. An extension called NoCoin is available for Chrome, Opera, and Firefox.

Also Read: Google Does It Again: Fined $21 Million By India For Search Bias
Aditya Tiwari

Aditya Tiwari

Aditya likes to cover topics related to Microsoft, Windows 10, Apple Watch, and interesting gadgets. But when he is not working, you can find him binge-watching random videos on YouTube (after he has wasted an hour on Netflix trying to find a good show). Reach out at [email protected]
More From Fossbytes

Latest On Fossbytes

Find your dream job