Scott Helme, the information security specialist reported on the distribution of the script for monero mining on sites, most of which are owned by US and British government agencies. Ummm, so yeah, this is...
Scott Helme, the information security specialist reported on the distribution of the script for monero mining on sites, most of which are owned by US and British government agencies.
First he script was discovered by Helme on the site ico.org.uk, but it turned out that the hackers had implemented a miner into the extension BrowseAloud developed by the company TextHelp.com, which allows to sound site content for users with visual impairments. And most of the sites that used the extension have mined cryptocurrency at the expense of visitors. The script used 40% of the power of user processors.
The intruders have built in Coinhive into the code of BrowseAloud. It is one of the most popular scripts for cryptocurrency mining through a browser.
The vulnerability affected 4275 sites, including university websites, various departments, many of which are located on the .gov.uk, .gov.au and .gov domains.
This example shows that third-party solutions should be used with caution. Due to problems on the side of TextHelp.com, sites that exploited the company's product were compromised.
The representatives of TextHelp.com confirmed that of of the scripts was modified. Now the company is conducting a thorough investigation of the incident. It is unclear how someone got access and was able to edit the code. These could be hackers who hacked the company's repository. The attack could be also prepared, for example, by one of the developers of the company, decided to earn extra money.
Before that i hidden miner was built into the popular sites as well as into YouTube ads. Recently a vulnerability was discovered by Kaspersky Lab specialists in the Telegram for Windows application and it could be also used for mining.
Share this with your friends!