Coinhive Miner Attacked Governmental Websites
February 12, 2018
Thousands of governmental sites have been subject to hacking when criminals added Coinhive miner to their code.
Some days ago Scott Helm, a cyber security researcher, has made public a full list of world governmental sites infected. The list includes 4275 sites with the US, the GB and Australian ones among them.
“This type of attack isn’t new – but this is the biggest I’ve seen”, Helm said.
Coinhive is a cryptographical script allowing for Monero currency mining on the affected machines of many users when built into the site code.
Integrating malicious code into the site structure is triggered by Browsealoud extension intended for people with reading problems and those visually and orally impaired to have the site more accessible.
Texthelp, the developing company of Browsealoud, disabled its plugin immediately soon after the situation was announced.
“This removed Browsealoud from all our customer sites immediately, addressing the security risk without our customers having to take any action”, as Martin McKay, Texthelp data security officer, claimed.
The UK National Cyber Security Center has already shared their view on the situation. As the center’s representative noticed, governmental sites are completely safe and there are no grounds for suggesting public data are at threat.