Malicious mining programs are rampant, and many government websites have been hacked

Hardly a week goes by without a report about malicious mining software. As cryptocurrency mining becomes more attractive, attackers are stepping up their game, using the entire digital web as their playground. This week, malware even compromised some government websites in the UK and Australia.

According to The Guardian, the so-called "cryptojacking" script infected thousands of websites last week, allowing users who visited the affected websites to have their computer hardware hijacked and used to mine Monero.

Multiple government websites became victims

The NHS website, student loan companies and several local councils were reportedly hacked, and the UK's data protection authority, the Information Commissioner's Office, was also taken offline by the malware over the weekend.

The malware was infiltrated via the BrowseAloud plugin, which is used to assist visually impaired people in accessing web content. The team behind the plugin had to temporarily suspend website operations while they fixed the issue. About 5,000 websites were affected by the Coinhive mining script, forcing website administrators to exploit users' hardware resources.

Monero is known for its anonymity and encryption, making it impossible to trace the wallet source.

Security consultant Scott Helme was alerted when he heard about a friend who received an alert from his antivirus software when visiting a government website:

This type of attack is not new - but it is the largest I have ever seen. A single attack on one company means thousands of websites in the UK, Ireland and the US are affected.

How to prevent malware?

The mining malware also affected websites in Australia, including important government websites such as the Victorian Parliament, the Queensland Civil and Administrative Tribunal, the Queensland Ombudsman, the Queensland Community Legal Centre and the Queensland Law website.

The same plugin was responsible for the spread of this virus. Helme is responsible for documenting the attack:

There are many ways that government websites can be made secure. It may be difficult for small websites, but I think government websites should have defense mechanisms in place from the beginning.

The company responsible for developing the plugin that caused the virus said:

The company has thoroughly checked the affected files and confirmed that the data transfer direction was not changed. The malware only used the computer's CPU to mine cryptocurrency. The vulnerability was active for four hours on Sunday. The Browsealoud website has been taken offline and the relevant security vulnerability has been resolved.

Just last week, Apple and Android systems were also invaded by similar mining programs. Due to the high profits and lack of punishment measures, such vulnerabilities will only appear more and more.