On February 11, 2018, thousands of websites became infected with malware designed to hijack browsers and make them mine cryptocurrencies while remaining undetected by users.
Counted among the more than 4,000 affected sites were those of US and UK government services including the UK's Information Commissioner's Office and the General Medical Council. The malware was embedded in an altered version of a tool used by people who have difficulty reading the text on websites called Browsealoud, developed by software maker Texthelp.
Responding to the issue, the Information Commissioner's Office opted to shut down its web services:
Martin McKay, CTO and data security officer at Texthelp, issued a statement regarding the exploit:
Both the National Cyber Security Centre and National Crime Agency are now assisting with Texthelp's criminal investigation. While no data was lost or stolen, according to McKay's statement, for at least four hours, browsers affected by the software mined cryptocurrencies; investigators are still trying to identify the individual or group that committed the cyberattack.
A spokesperson from the National Cyber Security Centre issued a statement that might put any remaining public concerns to rest. "The affected service has been taken offline, largely mitigating the issue. Government websites continue to operate securely. At this stage there is nothing to suggest that members of the public are at risk."
McKay related that Browsealoud will be offline until February 13, 2018, so that customers can "learn about the issue and the company's response plan." The statement also said no other Texthelp products have been affected by the mining malware.
Malware mining software has risen in prevalence alongside the popularity of cryptocurrencies, and browsers aren't the only attack vector; unwanted miners have been used on university networks, phones, and smart televisions. In one case, a large botnet was found to span across at least 15,000 systems.
To both government agencies and the companies that provide services to them, this might be a big wake-up call for the necessary security precautions that must be implemented to avoid systems being bogged down by mining cryptocurrencies at the taxpayer's expense.