News:
Over four thousand high profile government websites have been compromised by dark web hackers on Sunday across the globe, mining virtual currency secretly, and particularly Monero.
Monero has become one of the popular cryptocurrency recently especially on the ‘dark web’– a section of the internet that can only be accessed using a special browser which is capable of anonymizing your browsing location as well as identity. Dark web criminals are taking advantage of this anonymity by trading illegal commodities, substances and services using virtual currencies.
4,275 websites including those in the U.K., the U.S., Ireland, Australian and Canada with government websites with hundreds of thousands of visitors were hacked in less than a period of four hours and unwittingly mined for cryptocurrency exploiting a security breach. Some of the compromised websites include the United States courts online portal, the United States Information Commissioner Office; the National Health Service in the United Kingdom and the Victorian Parliament website in Australia. The attack by a cryptojacking code hit common websites which had the text-to-speech accessibility script Browsealoud for the visually impaired from Texthelp company.
Recently, Monero has grown in popularity with a market capitalization of $4 billion. Its privacy feature has contributed to its momentum on the dark web making it harder to track compared to bitcoin.
The prices of virtual currency in the market skyrocketed recently and as a scheme that has drawn the attention of criminals. Cybercrimes increased especially on cryptocurrency as criminals tried to cash in on the skyrocketing crypto prices. The cybercrime industry is recently believed to be overtaking the illegal drug trafficking industry in terms of revenue and hence attracting criminals.
The hacking process involved insertion of a malicious code that takes over a portion of a victim’s computer and central processing. Therefore the hacker has the ability of opening a website using a browser in order to mine virtual currency.
The process of mining digital coins requiring less processing power such as Monero is much easier compared to mining bitcoin from websites as it requires powerful specialized computers and software, making Monero mining a better fit for saving on time and energy, making it a very attractive option to criminals.
The dark web hackers had an easier time as they did not compromise each of the 4,275 websites at once, but rather hacked a globally-used plugin named ‘Browsealoud’ which is capable of reading out text from websites for the blind.
After the Browsealoud code was hacked, CoinHive’s Monero miner was silently and secretly injected. Thereafter, any website using the Browsealoud plugin was automatically compromised.
However the cyber-attack was deemed successful as there were basic regulatory measures and requirements over accessibility of some of these government websites that have not been met.
Texthelp speaks
The developer and distributor of Browseaload, Texthelp Company, through Martin McKay, CTO and Data Security Officer at the company said that the incident is already under investigation and that the code has been withdrawn and temporally taken offline.
“The time will allow Texthelp Customers to learn the whole issue and the company to come up with a response. We have been waiting and preparing for such an attack for years now and our data security action plan was activated straight away. Texthelp has placed continuous automated security tests for Browsealoud removing it from all customer sites, so that we can address the security risk without our customers having to take any action,” he said.
The attack has only compromised Browsealoud, while other Texthelp products are intact.
“Texthelp can now report that no customer’s data was accessed or lost in the attack. We have fully examined the infected file and we can confirm that our data is intact. The attack simply hit the computer central processing units to try and generate cryptocurrency. This attack was active on Sunday for a period of four hours.” McKay continued.
Experts and online administrators have pointed out that a few small changes on the website’s code together with adherences with the regulatory requirements could completely eliminate such attacks in the future.
“There are easy ways of defending yourself from this kind of attack,” Helme Scott, the cyber security researcher who first spotted the attack said. “This is not necessarily a new attack but it’s the largest one that we have ever seen. We have known for a long time now that hosted assets are prone to a single target attack with potential of infecting thousands of other websites across the globe,” he added.
Over four thousand high profile government websites have been compromised by dark web hackers on Sunday across the globe, mining virtual currency secretly, and particularly Monero.
Monero has become one of the popular cryptocurrency recently especially on the ‘dark web’– a section of the internet that can only be accessed using a special browser which is capable of anonymizing your browsing location as well as identity. Dark web criminals are taking advantage of this anonymity by trading illegal commodities, substances and services using virtual currencies.
4,275 websites including those in the U.K., the U.S., Ireland, Australian and Canada with government websites with hundreds of thousands of visitors were hacked in less than a period of four hours and unwittingly mined for cryptocurrency exploiting a security breach. Some of the compromised websites include the United States courts online portal, the United States Information Commissioner Office; the National Health Service in the United Kingdom and the Victorian Parliament website in Australia. The attack by a cryptojacking code hit common websites which had the text-to-speech accessibility script Browsealoud for the visually impaired from Texthelp company.
Recently, Monero has grown in popularity with a market capitalization of $4 billion. Its privacy feature has contributed to its momentum on the dark web making it harder to track compared to bitcoin.
The prices of virtual currency in the market skyrocketed recently and as a scheme that has drawn the attention of criminals. Cybercrimes increased especially on cryptocurrency as criminals tried to cash in on the skyrocketing crypto prices. The cybercrime industry is recently believed to be overtaking the illegal drug trafficking industry in terms of revenue and hence attracting criminals.
The hacking process involved insertion of a malicious code that takes over a portion of a victim’s computer and central processing. Therefore the hacker has the ability of opening a website using a browser in order to mine virtual currency.
The process of mining digital coins requiring less processing power such as Monero is much easier compared to mining bitcoin from websites as it requires powerful specialized computers and software, making Monero mining a better fit for saving on time and energy, making it a very attractive option to criminals.
The dark web hackers had an easier time as they did not compromise each of the 4,275 websites at once, but rather hacked a globally-used plugin named ‘Browsealoud’ which is capable of reading out text from websites for the blind.
After the Browsealoud code was hacked, CoinHive’s Monero miner was silently and secretly injected. Thereafter, any website using the Browsealoud plugin was automatically compromised.
However the cyber-attack was deemed successful as there were basic regulatory measures and requirements over accessibility of some of these government websites that have not been met.
Texthelp speaks
The developer and distributor of Browseaload, Texthelp Company, through Martin McKay, CTO and Data Security Officer at the company said that the incident is already under investigation and that the code has been withdrawn and temporally taken offline.
“The time will allow Texthelp Customers to learn the whole issue and the company to come up with a response. We have been waiting and preparing for such an attack for years now and our data security action plan was activated straight away. Texthelp has placed continuous automated security tests for Browsealoud removing it from all customer sites, so that we can address the security risk without our customers having to take any action,” he said.
The attack has only compromised Browsealoud, while other Texthelp products are intact.
“Texthelp can now report that no customer’s data was accessed or lost in the attack. We have fully examined the infected file and we can confirm that our data is intact. The attack simply hit the computer central processing units to try and generate cryptocurrency. This attack was active on Sunday for a period of four hours.” McKay continued.
Experts and online administrators have pointed out that a few small changes on the website’s code together with adherences with the regulatory requirements could completely eliminate such attacks in the future.
“There are easy ways of defending yourself from this kind of attack,” Helme Scott, the cyber security researcher who first spotted the attack said. “This is not necessarily a new attack but it’s the largest one that we have ever seen. We have known for a long time now that hosted assets are prone to a single target attack with potential of infecting thousands of other websites across the globe,” he added.