Earlier this week, hundreds of websites, including those belonging to a large student loan company, the website for the U.S. court system and several English councils were infected by malware that forced computers to mine for digital currency while certain programs were in use.
The Information Commissioner’s Office’s website in the UK was reportedly shut down to manage the problem after being infected late Sunday evening. The cryptojacking program was placed inside website codes through a popular plugin called BrowseAloud, which helps blind and partially-sighted people be able to use the web.
Over 5,000 websites were infected by the malware. A software program called Coinhive, which silently utilizes the processing power of a user’s device to mine open source digital currency, Monero, seems to have been inserted into the BrowseAloud plugin.
The company that operates BrowseAloud, called Texthelp, brought its website down on Sunday to try to fix the problem. Meanwhile, the National Cyber Security Centre confirmed that the issue was under investigation, sharing that there was nothing to suggest that members of the public were at risk from the malware attack.
IT security consultant, Scott Helme, issued the alarm about the malware after receiving a message from a friend whose antivirus software had discovered a problem after visiting a UK government website.
Helme explained, “This type of attack isn’t new – but this is the biggest I’ve seen. A single company being hacked has meant thousands of sites impacted across the UK, Ireland and the United States. Someone just messaged me to say their local government website in Australia is using the software as well.”
A National Cyber Security Centre spokesperson stated: “NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency. The affected services have been taken offline, largely mitigating the issue. Government websites will continue to operate securely. At this stage there is nothing to suggest that members of the public are at risk.”
Luckily, this large attack was only responsible for the illegal mining of Monero, rather than stealing identities or other important security information. Experts say it could have been much worse.