In a hack attack, the government websites, including the Information Commissioner’s Office and thousands of other sites around the world have been running a malware program that uses the visitor’s computer to mine Monero, a cryptocurrency, which like Bitcoin is blockchain based, but with a greater concentration on transaction privacy.
“This type of attack isn’t new — but this is the biggest I’ve seen. A single company being hacked has meant thousands of sites impacted across the UK, Ireland and the United States,” said Helme in an interview with Sky News.
The malware program Coinhive was the cause of the website’s infection. It hides in a website’s code and steals the processing power of its visitors‘ devices to mine cryptocurrency. Coinhive is a cryptojacking script that works by making crypto mining rigs out of the computers of website visitors while giving the hackers an opportunity to control the processing power of millions of machines.
How did they do it?
The explosion in value of Bitcoin and other cryptocurrencies on the financial market has not been unmarked by hackers looking to get some quick money. Their best option is to have other people’s computers do the job. The hackers managed to perform this scam by installing malware into websites which then means that, nameless to them, visitors‘ computers are put to work mining cryptocurrencies.
The Information Commissioner’s website, as well as others, seems to have been infected by crypto-mining code inserted into some accessibility software they all use.
This kind of attack has become much more frequent and while it appears not be a reason for data loss or damage to computer systems, it does lead to more slowly running process.
Who did it affect?
Scott Helme, a security researcher, reported that more than 4,000 websites, including many government ones, were affected. He said it’s a very lucrative proposal because hackers infect only one website and it infects around 5,000.
„This was a very serious breach. They could have extracted personal data, stolen information or installed malware. It was only limited by the hackers‘ imaginations,” – Mr Helme added.
Along with the ICO website, the hacking software was noticed on the site of the Student Loans Company, Barnsley Hospital and other websites worldwide.
Because the malware only runs while someone is actively visiting an infected site, there is no further risk to users‘ computers, Mr Helme claimed.