Bitcoin and the various alternative crypto-currencies have certainly been making waves. And behaving like waves too; their value peaked just before Christmas, before plummeting like my teenage self’s chances of getting a date for my year twelve formal. In the six weeks since 2018 began, the value of Bitcoin has fallen by about 60 per cent. However, these currencies are still “worth” something, and government websites all over the world have been cryptojacked to mine for this virtual elixir.
Scott Helme, an IT security researcher based in the United Kingdom, has discovered that up to 4,000 websites worldwide, including Australian state government websites, have been hacked. The cryptojacked sites are being exploited to mine Monero, another common crypto-currency.
Australian state government websites that appear to be affected include the Queensland Civil and Administrative Tribunal, the Queensland government’s legislation database and the Victorian Parliament site. Other government websites were also affected, including the UK Information Commissioner’s website. Wholly appropriate. A list of cracked sites can be found here.
The source of the infection was a script which was traced back to a plugin called Browsealoud. The plugin is meant to help people who can’t see well, have dyslexia or have generally low reading skills navigate the internet. The script then used the open browser of anyone visiting an infected website to mine Monero.
The affected plugins on some of the various websites have been disabled for now. It’s unknown when Browsealoud functionality will return. There’s no real indication that a visitor’s computer will actually be infected in any way. Even so, out of an abundance of caution, we won’t link to any of the affected websites. We don’t actually know how visiting these sites could affect your devices.
While no real damage has been done in this instance, it’s certainly a rude awakening for security. After all, if something so simple managed to infiltrate the websites of some large organisations, then something better designed and more malicious could do so in the future. Even if the cryptojacked websites only really helped some guy in his basement get that little bit (and dropping) richer, somebody could do some real damage if they really wanted to.
Whatever you do, make sure to turn on your anti-virus software….