Thousands of sites, including NHS services and the ICO, hijacked by rogue code
The UK’s data protection website is one of many infected by the malware.
Thousands of websites, including those belonging to NHS services, the Student Loans Company and several English councils, have been infected by malware that forces visitors’ computers to mine cryptocurrency while using the site.
Late on Sunday, the website of the UK’s data protection watchdog, the Information Commissioner’s Office, was taken down to deal with the issue after it was reportedly infected by the malware.
The cryptojacking script was inserted into website codes through BrowseAloud, a popular plugin that helps blind and partially-sighted people access the web.
More than 5,000 websites have been flooded by the malware. Software known as Coinhive, which quietly uses the processing power of a user’s device to mine open source cryptocurrency Monero, appears to have been injected into the compromised BrowseAloud plugin.
Texthelp, which operates BrowseAloud, took its entire website down on Sunday while it tried to resolve the problem.
Billions of video site visitors unwittingly mine cryptocurrency as they watch
Read more
The National Cyber Security Centre confirmed the issue was being investigated, adding there was nothing to suggest members of the public were at risk after the malware attack.
Scott Helme, an IT security consultant, raised the alarm about the malware after he received a message from a friend whose antivirus software had detected an issue after visiting a UK government website.
“This type of attack isn’t new – but this is the biggest I’ve seen. A single company being hacked has meant thousands of sites impacted across the UK, Ireland and the United States,” Helme told Sky News.
“Someone just messaged me to say their local government website in Australia is using the software as well.”
A spokesperson for the National Cyber Security Centre said: “NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency.
“The affected services has been taken offline, largely mitigating the issue. Government websites will continue to operate securely.
“At this stage there is nothing to suggest that members of the public are at risk.”
Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
https://www.theguardian.com/technology/2018/feb/11/government-websites-hit-by-cryptocurrency-mining-malware
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Sure...if you really want to think that go ahead.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
This post has received a 0.14 % upvote from @drotto thanks to: @zumerret.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
This post has been upvoted by @microbot with 2.4%!
You want higher upvotes?
Vote for my creator @isnochys as witness!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
This post has received a 0.59 % upvote from @morwhale thanks to: @zumerret.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
You got a 0.74% upvote from @masterbot courtesy of @zumerret!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
This post has been upvoted by @nanobot with 16.6%!
You want higher upvotes?
Vote for my creator @isnochys as witness!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit