Digital cash hack hits government websites

Share

A vulnerability associated with the third-party web browser plugin Browsealoud allowed hackers to put the cryptomining code into the source code for the affected websites, according to a United Kingdom -based cybersecurity researcher. The ICO said: "We are aware of the issue and are working to resolve it".

Among those affected are the UK Student Loans Company (SLC), National Health Service (NHS) Scotland, and the Queensland government portal in Australia.

The company that makes the plug-in, Texthelp did confirm that for a period of four hours its product had been affected by malicious code created to mine for cryptocurrency.

The cryptocurrency involved was Monero - a rival to Bitcoin that is created to make transactions in it "untraceable" back to the senders and recipients involved. Some of the affected government sites went offline to fix the issue.

In order to get the crypto-mining software onto unsuspecting computers, the hack targeted an accessibility plugin called Browsealoud that makes the web easier to use for people with dyslexia or low English comprehension.

We use cookies to give you the best experience on our website and bring you more relevant advertising.

Browsealoud is used on a huge number of websites, according to search engine PublicWWW, including manchester.gov.uk, newham.gov.uk, york.gov.uk, croydon.gov.uk and at least 32 other websites on the '.gov.uk' domain. The individuals behind the hack had illegally injected the controversial CoinHive software into Browsealoud's code.

Other government sites affected include Victoria's City of Casey council, Western Australia's City of Bayswater council, South Australia's City of Unley council, and the office of the Queensland Public Guardian, which protects the rights of young children in care.

Once the plug-in was infected, it affected thousands of other websites in addition to the ICO's, which used it.

Texthelp says Browsealoud has since been removed from "all our customer sites", and added that no customer information was exposed.

Texthelp, the company that provides Browsealoud, has confirmed that the compromised plugin has been taken offline. The company who makes the plug-in, Texthelp, thereafter confirmed the plug-in was hit for four hours by code created to generate cryptocurrency.

When mining cryptocurrency, the processing power of a computer is used to validate transactions on the cryptocurrency network.

According to the UK National Cyber Security Centre, there is nothing to suggest that members of the public are at risk at this point.

Share