Thousands of websites infected by 'crypto mining' malware

February 12, 2018
Researchers report a new kind of malware which operates in stealth mode to "mine" cryptocurrencies has infected at least 4,000 websites including those operated by government agencies

Thousands of websites around the world, including many operated by governments, have been infected by hackers using the sites' computing power to "mine" cryptocurrencies, security researchers said.

The attack is the first major incident made public in which a new breed of hackers took over a of websites to effectively create currencies like bitcoin which are generated by using computing power.

The made public over the weekend by British security researcher Scott Helme showed more than 4,000 website were infected in this manner, including those of the British data protection and privacy watchdog and the US federal courts system.

Unlike traditional attacks, these infections do not contain "ransomware" or steal data, but operate in stealth mode to make profits from the shadowy world of cryptocurrencies.

Helme said in a blog post Sunday that the hackers were able to reach large numbers of websites by infecting a commonly used "plug-in," or software which helps a site run better.

In this case, the hackers used the malicious software to create Monero, one of several new cryptocurrencies which are making a splash in financial markets.

"If you want to load a crypto miner on 1,000+ websites you don't attack 1,000+ websites, you attack the 1 that they all load content from," he said.

The creator of the plug-in, the British software firm TextHelp, said it took the affected software offline after it discovered the "attempt to illegally generate cryptocurrency. "

"This was a criminal act and a thorough investigation is currently underway," the company said in a statement.

Researchers have been warning in recent weeks about this kind of malware, which can deliver profits without being obvious to users.

Security researchers at Cisco Talos warned last month that this kind of hacking activity "has exponentially increased."

Because of the huge financial gains in cryptocurrencies, Cisco researchers said this has become a prime target for hackers.

"At a high level mining is simply using system resources to solve large mathematical calculations which result in some amount of cryptocurrency being awarded to the solvers," Cisco researchers wrote in a research note.

Security researcher Graham Cluley said the latest attack highlights vulnerabilities in websites which may have weaknesses in third party components.

"Things could have been much worse," Cluley said in a blog post. "Imagine if the plug-in had been tampered with to steal login passwords rather than steal CPU resources from visiting computers."

Explore further: Tech companies targeted by sophisticated malware attack

Related Stories

Recommended for you

Electrode shape improves neurostimulation for small targets

April 24, 2018

A cross-like shape helps the electrodes of implantable neurostimulation devices to deliver more charge to specific areas of the nervous system, possibly prolonging device life span, says research published in March in Scientific ...

China auto show highlights industry's electric ambitions

April 22, 2018

The biggest global auto show of the year showcases China's ambitions to become a leader in electric cars and the industry's multibillion-dollar scramble to roll out models that appeal to price-conscious but demanding Chinese ...

After Facebook scrutiny, is Google next?

April 21, 2018

Facebook has taken the lion's share of scrutiny from Congress and the media about data-handling practices that allow savvy marketers and political agents to target specific audiences, but it's far from alone. YouTube, Google ...

Robot designed for faster, safer uranium plant pipe cleanup

April 21, 2018

Ohio crews cleaning up a massive former Cold War-era uranium enrichment plant in Ohio plan this summer to deploy a high-tech helper: an autonomous, radiation-measuring robot that will roll through miles of large overhead ...

How social networking sites may discriminate against women

April 20, 2018

Social media and the sharing economy have created new opportunities by leveraging online networks to build trust and remove marketplace barriers. But a growing body of research suggests that old gender and racial biases persist, ...

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.