WordPress plugin hacked to mine cryptocurrency: government, ICO, NHS sites hit

The code in purple is malicious. Pic: Scott Helme

15 February, 2018

CoinHive is one of the most blocked pieces of software on the web, with over 130 million blocks every week, according to Malwarebytes, the anti-malware firm. Adding it to the plugin's code meant that every site hosting the plugin, and those sites' visitors, were turned into cryptocurrency miners. "They're the people we complain to when companies do bad things with our data", Helme said.

Over 4,200 websites are on the victims list, including The City University of NY, the USA court information portal (uscourts.gov), Lund University, the privacy watchdog The Information Commissioner's Office (ICO), and several other government, health and educational websites across the world.

Over 4,000 sites from across the world - including those owned by the UK's Information Commissioner's Office (ICO) and the NHS - were taken down yesterday after security researcher Scott Helme raised the alarm.

Helme says that this attack vector is nothing new, but it would have taken a simple tweak to the loading script to prevent it happening in the first place.

Australian government websites using the same plugin were also compromised.


Yesterday morning, hackers breached a JavaScript file contained within the code of Browsealoud - a product made by United Kingdom tech company Texthelp that offers a website plug-in to convert text to audio for visually impaired web users.

According to the BBC, the cryptocurrency involved was Monero, a Bitcoin rival created to be untraceable. "This removed Browsealoud from all our customer sites immediately, addressing the security risk without our customers having to take any action", said Texthelp data security officer Martin McKay.

The cryptojacking program called Coinhive was inserted into websites' code through the tainted version of Browsealoud to mine the digital currency Monero. They could have extracted personal data, stolen information or installed malware.

The hacked plugin, Texthelp's Browsealoud, reads websites aloud for users with partial or total blindness. In Australia, the Queensland Civil and Administrative Tribunal, the Victorian Parliament, and the Queensland Government's legislation websites were affected. The attacker added malicious code to the file to use the browser CPU in an attempt to illegally generate cryptocurrency. The company that makes the plug-in, Texthelp, later confirmed that the plug-in was hit for four hours by code created to generate cryptocurrency.

On Sunday, the UK National Cyber Security Center (NCSC), part of the GCHQ intelligence agency, said that there is "nothing to suggest that members of the public are at risk". Texthelp said it was investigating the matter and described the breach of its system as a "criminal act".

