Has Your Computer Been Cryptojacked?

Imagine going on a government website to settle your tax returns. While browsing through the website, you notice the fan in your computer starts making an unnaturally loud whirring noise. You ignore it, thinking that it’s just a temporary processor overload. A few minutes later, you get done with your tax returns, quit the tab, and the noise dies away.

If you have experienced something like that before, you might have unwittingly fallen victim to cryptojacking – when computers are secretly made to mine cryptocurrency.

Government Websites Plagued by Crypto Mining Malware

Thousands of websites worldwide, including government websites like the NHS as well as the Loans Company and several English councils, have fallen prey to a malware that forces their visitors’ computers to mine cryptocurrency without them knowing when browsing the site.

Last Sunday, UK’s Information Commissioner’s Office (ICO) had to take down its website to tackle this issue after reports found that it was infected by the malware.

According to UK security researcher Scott Helme, who discovered the compromised JavaScript file on Sunday morning after a friend’s anti-virus program set off an alert on the ICO site, the malicious cryptojacking script was inserted in to the websites with a popular web plugin called Browsealoud, which helps people with weak vision, dyslexia, and low literacy access the web.

https://twitter.com/Scott_Helme/status/962684239975272450

Over 5,000 websites were affected by this hack, which also incorporated the software Coinhive, which silently uses the processing power of a user’s device to mine Monero, an open-sourced cryptocurrency, without the user realizing what’s going on. Apparently, this software was injected into the compromised BrowseAloud plugin, which allowed the websites to secretly use their users’ CPU power to mine cryptocurrencies.

In an interview with Sky News, Helme noted that this is one of the biggest crytpojacking attacks that he’s ever encountered.

“This type of attack isn’t new – but this is the biggest I’ve seen. A single company being hacked has meant thousands of sites impacted across the UK, Ireland and the United States.”

Although Australia was among the countries that were affected by this hack, Australian cybersecurity researcher Troy Hunt reckoned that citizens of the land Down Under may have “gotten off lightly” thanks to the country’s time zone. This is because most Australians would have been asleep while the compromised plug-in was operational.

“There was an awful lot more [the hacker] could have done,” Mr Hunt said.

“Once you can run your own Javascript on someone else’s website, you can do basically anything.”

Nonetheless, according to a spokesperson from the National Cyber Security Centre, things are under control for the meantime.

“The affected services have been taken offline, largely mitigating the issue. Government websites will continue to operate securely. At this stage there is nothing to suggest that members of the public are at risk.”