This story is over 5 years old.

Hackers use U.S. government websites to mine for dark web crypto

Monero is one of the most popular payment methods on the dark web.

Hackers compromised thousands of high-profile websites across the globe Sunday to secretly mine the cryptocurrency monero, according to reports.

Monero is currently one of the most popular payment methods on the dark web — a hidden part of the internet only accessible through a specialized browser that anonymizes your identity and where drugs, guns and other illicit items are freely available.

For a period of four hours, tens of thousands of visitors to more than 4,000 U.S., Canadian, U.K. and Australian government websites unwittingly mined the digital coin for hackers, who exploited a significant hole in security.

Some 4,275 websites were compromised, including the U.S. courts online portal, and the websites of the Information Commissioner's Office and National Health Service in the U.K.

Monero, which has a market capitalization of $3.9 billion, has gained traction on the dark web due to its privacy features, making it much harder to trace than bitcoin.

As the price of cryptocurrencies has skyrocketed in recent months, the prevalence of such schemes has multiplied as criminals seek to cash in on rising prices.

How does it work? Malicious code secretly grabs a portion of your computer’s processing power when you open the website in your browser, and mines cryptocurrency.

Though mining bitcoin can only really be done using powerful, specialized computers, mining digital coins such as monero requires much less processing power — which is part of what makes it attractive to the criminal underworld.

The hackers didn’t compromise each individual website, but attacked a widely-used plugin called Browsealoud that reads out text from websites for blind or partially-sighted people.

Once the attackers had altered the Browsealoud code to silently inject Coinhive's Monero miner, any website using the plugin was automatically compromised.

So many government websites have been attacked because there are regulatory requirements around accessibility that these sites have to meet.

Texthelp, the company that develops and distributes Browsealoud, took the code offline, said it is investigating the incident, and said that no customer data had been leaked.

No hacking group has claimed responsibility for the attack, and it is unclear how much monero was mined during the four-hour window.

While embarrassing for online administrators, experts have pointed out that a tiny change in a website’s code would completely block such attacks.

“This is not a particularly new attack and we've known for a long time that hosted assets are a prime target to compromise a single target and then infect potentially many thousands of websites,” Scott Helme, the security researcher who first spotted the problem, said. “The thing is though, there's a pretty easy way to defend yourself against this attack.”
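
The article does not name the change Helme has in mind. Assuming it is Subresource Integrity (SRI), the standard browser mechanism for pinning a third-party script to a known hash, this added example (not from the article or from Texthelp) audits a page for unpinned external scripts and shows a tampered file failing the check; the hostnames, page and script bodies are constructed.

```python
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

STRENGTH = {"sha256": 1, "sha384": 2, "sha512": 3}  # algorithms SRI allows

def sri_hash(body: bytes, alg: str = "sha384") -> str:
    """Value for a script tag's integrity attribute: '<alg>-<base64 digest>'."""
    return f"{alg}-{base64.b64encode(hashlib.new(alg, body).digest()).decode()}"

def sri_matches(body: bytes, integrity: str) -> bool:
    """Browser-style check: compare against hashes of the strongest listed algorithm."""
    tokens = [t.split("?")[0] for t in integrity.split()]
    tokens = [t for t in tokens if t.split("-", 1)[0] in STRENGTH]
    if not tokens:
        return False  # nothing usable to verify against
    best = max((t.split("-", 1)[0] for t in tokens), key=STRENGTH.get)
    return any(t == sri_hash(body, best) for t in tokens if t.startswith(best + "-"))

class ScriptAudit(HTMLParser):
    """Collect cross-origin <script src> tags that carry no integrity attribute."""
    def __init__(self, page_host: str):
        super().__init__()
        self.page_host, self.unpinned = page_host, []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        host = urlparse(a.get("src") or "").netloc
        if tag == "script" and host and host != self.page_host and not a.get("integrity"):
            self.unpinned.append(a["src"])

def audit(html: str, page_host: str) -> list:
    parser = ScriptAudit(page_host)
    parser.feed(html)
    return parser.unpinned

# Constructed sample data: a vendor script, a modified copy, and a page loading both kinds.
ORIGINAL = b"function readAloud(t){/* constructed stand-in for a vendor script */}"
TAMPERED = ORIGINAL + b";/* injected code */"
PAGE = f"""<html><head>
<script src="/static/site.js"></script>
<script src="https://plugin.example/reader.js"></script>
<script src="https://cdn.example/lib.js" integrity="{sri_hash(ORIGINAL)}" crossorigin="anonymous"></script>
</head></html>"""

if __name__ == "__main__":
    print("unpinned third-party scripts:", audit(PAGE, "www.example.gov"))
    print("original passes:", sri_matches(ORIGINAL, sri_hash(ORIGINAL)))
    print("tampered passes:", sri_matches(TAMPERED, sri_hash(ORIGINAL)))
```

Pinning only works for a file whose bytes are not expected to change, so a vendor update requires publishing a new hash in the page.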

Cover image: Green light illuminates the case of a mining rig operating inside a shipping container converted into a mobile cryptocurrency mining farm, operated by BitCluster, at Rodniki Industrial Park in Rodniki, Russia, on Tuesday, Feb. 6, 2018. (Andrey Rudakov/Bloomberg via Getty Images)