Recently, Scott Helme, a UK-based security researcher has found that a crypto mining script was injected in accessibility service plugin BrowseAloud. Well, BrowseAloud is a Text Help’s web screen reader that helps people with visual impairments.
Hackers Target Government Websites With Crypto-Jacking Malware
The process of mining cryptocurrency using user’s CPU power is now a widespread practice. Smart guys are using multiple methods to mine cryptocurrency. Well, these type of practices is often used by evil-minded people.
However, now it looks like Government sites are found mining crypto coins from people’s computer. Before one starts to think that the governments had a change of heart and began to harvest crypto coins, the story involves malicious actors.
Recently, Scott Helme, a UK-based security researcher has found that a crypto mining script was injected in accessibility service plugin BrowseAloud. Well, BrowseAloud is a Text Help’s web screen reader that helps people with visual impairments.
The BrowseAloud plugin was embedded in more than 4,000 websites and most of them belong to governments. The researcher started to investigate after his friend saw warnings from Antivirus tools when visiting the website of UK’s Information Commissioner’s Office.
Scott Helme further claims that a third party managed to modify BrowseAloud and stuff CoinHive mining software. Scott Helme in his blog post wrote “If you want to load a crypto miner on 1,000+ websites you don’t attack 1,000+ websites, you attack the 1 website that they all load content from”
The scope of the cryptocurrency miner is not just limited to the UK, but also expands to other countries like Ireland, Australia, US, etc. Some of the government websites that were affected by the malicious script went offline to fix the issue.
So, what do you think about this? Share your views in the comment box below.
