Various websites have integrated cryptocurrency mining code on their platforms in the past few months. Some companies are rather open about it, whereas others have done so in a rather sneaky manner. Moreover, it seems some sites contain such code because other people hacked their backends and made unauthorized changes in the process. Various Australian government websites have suffered such hacks, by the look of things.
HACKERS TARGET GOVERNMENT WEBSITES
It is evident there is a bright future ahead for in-browser cryptocurrency mining scripts. Even though this industry has gotten a bit of a bad reputation over the past few months, the core concept seems to make a lot of sense. More specifically, it could replace traditional advertising models, as users simply lend some of their excess computing resources to mine cryptocurrencies on behalf of site owners. Assuming, that is, that site owners are open to integrating such mining scripts.
It seems hackers are now targeting less-secure but highly-trafficked websites to integrate cryptocurrency mining scripts. Going after online platforms operated by the Australian government may sound risky at first, but it does appear that a group of hackers successfully did so not long ago. This is a rather worrisome development, as it shows that Australia’s government websites are not exactly the most secure.
With over 4,000 websites around the globe falling victim to “crypto-jacking“, as this technique is called, it is evident there is a lot of cryptocurrency being mined without people realizing it. Most computer users won’t even notice it’s happening, even though it will tax their computers’ CPUs quite a bit as long as they remain on the website running the script.
In this case, it seems a lot of government websites accidentally embedded a cryptocurrency mining script due to a “hacked” backend plugin called Texthelp. As most of these platforms use commercial solutions which are globally available, it is only normal that hackers will try to disrupt this industry from within. By modifying existing plugins at the core level, they can embed cryptocurrency mining scripts without too many problems. All it takes is enough users updating their current plugin.
Rest assured this is not the last time major websites will suffer from cryptocurrency mining script-related attacks. Criminals are looking for new ways to make money, and cryptocurrency remains an alluring opportunity. Until researchers can determine how hackers modified the aforementioned plugin or website backends themselves, it is expected that more of these attacks will happen in the future. This is a highly worrisome trend, but one that will not be all that easy to counter.
Source: The Merkle