The Information Commissioner’s Office took down its website after it emerged that the site was hijacked by hackers to mine cryptos. The hack has affected about 4,000 websites including government websites. The ICO said that it was aware of the hack and is working hard to solve it.
According to security researcher Scott Helme, the problem was traced back to Browsealoud, a website plug-in. The plug-in is designed to assist blind people access the internet. Helme said that he had been notified by a friend regarding the problem. Browsealoud developers at TextHelp also confirmed that the plug-in was affected by a malicious code that is used to generate a digital currency. The company said that the digital currency involved in all this was Monero.
Helme said that once Browsealoud was compromised, it affected thousands of other websites. According to reports, the plug-in was tampered with in order to add a program called Coinhive. The program mines Monero by running very intense mathematical calculations on computers.
Analysts who got wind of the issue say that this will not be the last incident of this type. As the value of cryptocurrencies rises, hackers will always try to find a way to circumvent various systems in order to get their hands on these coins.
However, the process of mining cryptocurrencies is not that easy. Mining is the process used to generate new digital coins, and it involves solving very complex mathematical problems. This massively increases the processing power of computers leading to huge energy bills. It’s a price that hackers are not ready to pay and as such, the idea of hacking into other people’s computers and using them to mine the coins doesn’t seem viable.
The problem is that these types of attacks are expected to become more common. Although there is no loss of data involved or any serious system damage, such malicious software can cause computers to significantly slow down. If government computers are affected by such incidents, this could have further implications too.
According to Helme, the approach taken by the hackers appears to be very resourceful. All they needed to do was to hijack one website and all of a sudden they had access to nearly 5,000 computers. The data security expert says that this was a significant breach that could have led to serious loss of data.
TextHelp confirmed that it will be commissioning a security review of its systems in order to ensure that this type of incident doesn’t happen again in the future. In addition to this, the National Cyber Security Center also said that it is examining data involving malicious software used by hackers to mine cryptocurrencies in a bid to develop preventive mechanisms and strategies. Until the time of publishing this article, all the affected websites in this recent hack were taken down for further investigation and action.