Comments are now closed due to spamming and personal attacks.

Twitter: https://twitter.com/huffpoclub

More Than 4,000 Government Websites Infected With Covert Cryptocurrency Miner

Posted on Tuesday, 13th February 2018 @ 08:13 PM by Text Size A | A | A

The rise of cryptocurrency mining software like Coinhive has been a decidedly double-edged sword. While many websites have begun exploring cryptocurrency mining as a way to generate some additional revenue, several have run into problems if they fail to warn visitors that their CPU cycles are being co-opted in such a fashion. That has resulted in numerous websites like The Pirate Bay being forced to back away from the software after poor implementation (and zero transparency) resulted in frustrated users who say the software gobbled upwards of 85% of their available CPU processing power without their knowledge or consent.

But websites that don’t inform users this mining is happening are just one part of an emerging problem. Hackers have also taken to using malware to embed the mining software into websites whose owners aren’t aware that their sites have been hijacked to make somebody else an extra buck. Politifact was one of several websites that recently had to admit its website was compromised with cryptocurrency-mining malware without their knowledge. Showtime was also forced to acknowledge (barely) that websites on two different Showtime domains had been compromised and infected with Coinhive-embedded malware.

While Bloomberg this week proclaimed that governments should really get behind this whole cryptocurrency mining thing, the reality is that numerous governments already have — just not in the way they might have intended. Security researcher Scott Helme this week discovered that more than 4,000 U.S. and UK government websites — including the US court system website — have been infected with cryptocurrency mining malware, a number that’s sure to only balloon.

As Helme notes, attackers don’t need to even attack each website individually, as they’ve found a way to compromise shared resources like Text Help, whose modified script files were then loaded by thousands of websites at a pop:

Fortunately this attack isn’t particularly hard to neutralize, with a tiny modification to the share script being able to nip similar, future attacks in the bud. But Helme also notes that this entire kerfuffle could have been substantially worse:

Ultimately it seems like these kinds of attacks should be easy to avoid once site administrators and governments wise up to the rising threat. That said, reports by cybersecurity firm CrowdStrike have suggested things will get a little worse before they get better. Again though, the malware angle is just one conversation we need to be having. How sites can responsibly and transparently implement miners as an alternative revenue stream is going to be something we’ll be talking about for a while, as Salon made evident this week as the first website to offer the option as an alternative to traditional advertising.

Related News On HPUB:

  • Deutsche Bank “Mistakenly” Sends $35 Billion Out The Door

    Back in the summer of 2015, Deutsche Bank mistakenly paid $6 billion to a hedge fund client in a “fat finger” trade on its foreign exchange desk . The embarrassed bank recovered the money from the US hedge fund…

  • Deutsche Bank “Mistakenly” Sends $35 Billion Out The Door

    Back in the summer of 2015, Deutsche Bank mistakenly paid $6 billion to a hedge fund client in a “fat finger” trade on its foreign exchange desk . The embarrassed bank recovered the money from the US hedge fund…

  • Farenthold resigned ahead of ethics ruling against him

    Former GOP Rep. Blake Farenthold‘s (R-Texas) sudden resignation announcement earlier this month was prompted by an impending House Ethics ruling against him, the office of Rep. Jackie Speier (D-Calif.) confirmed to The Hill on Tuesday. The committee — which was investigating…

  • Iraq carries out air strikes on Daesh sites in Syria

    Iraq today carried out air strikes on Daesh positions in Syria a week after Prime Minister Haider Al-Abadi said his country would defend itself from militant threats across the border. Iraqi F-16 warplanes crossed into Syria…

... post your own so far 0 comments

Comments

No comments yet.

Leave a Comment

You must be logged in to post a comment.

 
  • Hpub asks

    • Sorry, there are no polls available at the moment.