In a hack of unprecedented scope, thousands of government websites around the world have been compromised as part of a criminal scheme to mine a cryptocurrency called Monero, which like Bitcoin and Ethereum is blockchain based, but with a greater focus on transaction privacy.
Security researcher Scott Helme made the initial discovery, publishing an enormous list of 4,275 government sites (opens in new tab) spanning several countries, including the US, UK and Australia, that were infected by a malware known as Coinhive.
“This type of attack isn’t new — but this is the biggest I’ve seen. A single company being hacked has meant thousands of sites impacted across the UK, Ireland and the United States,” said Helme in an interview with Sky News (opens in new tab).
Coinhive is a cryptojacking script that works by turning the computers of site visitors into crypto mining rigs, potentially giving the hackers access to the processing power of millions of machines.
Tales from the crypto
The hostile code inserted itself into the websites through the popular plugin Browsealoud — an assistive application which helps make sites more accessible to visitors with reading difficulties, visual impairment and dyslexia.
Texthelp, the company that provides Browsealoud, has confirmed that the compromised plugin has been taken offline. "This removed Browsealoud from all our customer sites immediately, addressing the security risk without our customers having to take any action," said Texthelp data security officer Martin McKay.
While the computers of countless people were likely used by the attackers to mine the cryptocurrency, it appears that site visitors are completely in the clear, with Texthelp reporting "no customer data has been accessed or lost."
The National Cyber Security Centre in the UK has given an official statement on the matter, assuring people that "Government websites continue to operate securely," further stating that "there is nothing to suggest that members of the public are at risk."