HACKERS HAVE HIJACKED various government-run websites with Coinhive's notorious Monero miner, which steals visitors' processing power to mine cryptocurrency.
Thousands of websites have been infected by the 'cryptojacking' malware, including the UK's Information Commissioner's Office, Student Loan Company and the Scottish NHS Helpline. In the US, the Indiana government and the US courts system were also discovered to be running the Monero-mining script.
The ICO's website has been taken offline by its administrators as they attempt to fix the problem, and is still unavailable at the time of writing.
As discovered by security researcher Scott Helme, the infection came through a third-party plugin called Browsealoud, developed by Texthelp, which aims to help those with impaired vision use the web.
On Sunday, as-yet-unidentified hackers corrupted the plugin, which meant users running Browsealoud who visited ico.org.uk, for example, would see their computer's CPU usage spike up while involuntarily making money for someone else.
"ba.js had been altered to include a document.write call that added a CoinHive crypto miner to any page it was loaded in to," Helme said in a blog post.
"This is a pretty bad situation to be in and any site that loads that file will now have the crypto miner installed. The sheer number of sites affected by this is huge and some of them are really prominent government websites."
Texthelp said in a statement that the compromised plugin has been taken offline, adding that a "thorough investigation" is underway.
"Texthelp can report that no customer data has been accessed or lost. The company has examined the affected file thoroughly and can confirm that it did not redirect any data, it simply used the computers' CPUs to attempt to generate cryptocurrency. The exploit was active for a period of four hours on Sunday."
The UK's National Cyber Security Centre (NCSC) has spoken out, saying that "Government websites continue to operate securely" and "there is nothing to suggest that members of the public are at risk." µ