CoinHive Cryptocurrency Mining Script Injected into Thousands of Government Websites via BrowseAloud Plugin

Introduction

Thousands of government websites worldwide fell victim to an attack that injected the CoinHive cryptocurrency mining script into their pages. The attack was made possible by the exploitation of a vulnerability in the popular BrowseAloud plugin. The incident highlights the increasing need for robust cybersecurity measures to protect sensitive information and ensure the integrity of government websites.

The BrowseAloud Plugin Vulnerability

The BrowseAloud plugin, developed by Texthelp, is a popular tool that assists people with visual impairments in accessing website content. Unfortunately, hackers were able to exploit a vulnerability in the plugin, allowing them to inject the CoinHive script into thousands of government websites that were using BrowseAloud.

The CoinHive script is designed to mine the cryptocurrency Monero using the processing power of visitors’ computers. This means that unsuspecting users who visited these compromised government websites unknowingly contributed their computer’s resources to mine cryptocurrency for the hackers.

The Scale of the Attack

The true scale of this attack is staggering. Reports indicate that over 4,200 websites, including those of government agencies and organizations, were affected in the United States, United Kingdom, Australia, and other countries. Some notable examples include the US Courts website, the UK Information Commissioner’s Office, and the Australian Victorian Parliament.

Texthelp, the company behind BrowseAloud, acted swiftly to address the issue and disabled the plugin on all affected websites. They also released an updated version of the plugin that fixed the vulnerability. However, the incident has raised concerns about the security of third-party plugins and the potential risks they may pose to website owners and visitors.

The Implications

The injection of the CoinHive script into government websites raises serious concerns regarding the security and trustworthiness of these platforms. Government websites are often repositories of sensitive information, and their compromise can have far-reaching consequences.

While the CoinHive script itself is not inherently malicious, its unauthorized use on government websites without the knowledge or consent of visitors is a violation of their privacy and trust. Visitors who were unknowingly subjected to cryptocurrency mining may have experienced reduced computer performance, increased electricity consumption, and potential exposure to other security risks.

Protecting Against Similar Attacks

This incident serves as a reminder of the importance of robust cybersecurity measures for all websites, especially those handling sensitive information. Here are some steps that website owners and administrators can take to protect against similar attacks:

  1. Keep all software and plugins up to date: Regularly update all website software and plugins to ensure that any known vulnerabilities are patched.
  2. Implement a web application firewall: A web application firewall can help detect and block malicious activities, providing an additional layer of protection.
  3. Perform regular security audits: Conduct regular security audits to identify vulnerabilities and address them promptly.
  4. Monitor website traffic: Keep an eye on website traffic and look for any suspicious or unusual activity that may indicate a security breach.
  5. Educate website visitors: Inform users about the potential risks of third-party plugins and encourage them to keep their devices and software updated.
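
One check a security audit of third-party scripts could include, shown as an added example that is not part of the original article: list every cross-origin script a page loads, flag those without a Subresource Integrity (SRI) pin, and compare pinned scripts against what the vendor currently serves. SRI is not named in the article; the hosts, HTML and script bodies below are constructed sample data.

```javascript
const crypto = require('crypto');

// SRI value (sha384, base64) for a script body, as used in integrity="...".
function sriHash(body) {
  return 'sha384-' + crypto.createHash('sha384').update(body, 'utf8').digest('base64');
}

// Collect attributes of every <script src="..."> tag.
// A regex is enough for this audit sketch; it is not a full HTML parser.
function externalScripts(html) {
  const found = [];
  for (const tag of html.matchAll(/<script\b([^>]*)>/gi)) {
    const attrs = {};
    for (const a of tag[1].matchAll(/([\w-]+)\s*=\s*"([^"]*)"/g)) {
      attrs[a[1].toLowerCase()] = a[2];
    }
    if (attrs.src) found.push(attrs);
  }
  return found;
}

// For each cross-origin script, report whether it is pinned and whether the
// body currently served (served: src -> body) still matches the pin.
function auditScripts(pageOrigin, html, served) {
  return externalScripts(html)
    .filter((s) => new URL(s.src, pageOrigin).origin !== pageOrigin)
    .map((s) => {
      if (!s.integrity) return { src: s.src, status: 'no-integrity' };
      if (!(s.src in served)) return { src: s.src, status: 'not-fetched' };
      const pins = s.integrity.trim().split(/\s+/);
      const ok = pins.includes(sriHash(served[s.src]));
      return { src: s.src, status: ok ? 'match' : 'mismatch' };
    });
}

// Constructed sample data (hypothetical hosts and script bodies).
const REVIEWED = 'function readAloud(t) { return t; }\n';
const SAMPLE_HTML = `
<script src="/js/site.js"></script>
<script src="https://widgets.example/toolbar.js"></script>
<script src="https://cdn.example/reader.js" integrity="${sriHash(REVIEWED)}" crossorigin="anonymous"></script>`;
const SERVED_NOW = {
  'https://cdn.example/reader.js': REVIEWED + '/* unreviewed addition */\n',
};

console.log(auditScripts('https://agency.example', SAMPLE_HTML, SERVED_NOW));
```

A browser that sees the same `integrity` attribute refuses to run a script whose body no longer matches the pin, so the audit's job is to find tags that lack one and vendor files that have drifted from the reviewed copy.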

Conclusion

The injection of the CoinHive cryptocurrency mining script into thousands of government websites through the BrowseAloud plugin vulnerability is a stark reminder of the evolving threat landscape in the digital world. This incident underscores the need for robust cybersecurity measures and vigilance to protect sensitive information and maintain the trust of website visitors. By staying proactive and implementing necessary security measures, website owners and administrators can mitigate the risks of similar attacks and ensure a safe browsing experience for all.
