It seems that with Cryptocurrency being the big thing at the moment, there are new exploits and attacks to help some people mine this currency. I’ve written about cryptojacking in the past and this report from the BBC shows a real life example of why this is a threat:
The Information Commissioner’s Office (ICO) took down its website after a warning that hackers were taking control of visitors’ computers to mine cryptocurrency.
Security researcher Scott Helme said more than 4,000 websites, including many government ones, were affected.
He said the affected code had now been disabled and visitors were no longer at risk.
The ICO said: “We are aware of the issue and are working to resolve it.”
Mr Helme said he was alerted by a friend who had received a malware warning when he visited the ICO website.
It’s clear from this that website operators need to take this threat more seriously. Besides doing audits on what should be running on their site, anything that isn’t needed such as Javascript should be pulled from the site. After all, while users should be protecting themselves, website operators need to ensure that they aren’t serving up anything that’s bad to their users.
Like this:
Like Loading...
Related
This entry was posted on February 12, 2018 at 8:16 am and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Government Websites Pwned To Mine Cryptocurrency
It seems that with Cryptocurrency being the big thing at the moment, there are new exploits and attacks to help some people mine this currency. I’ve written about cryptojacking in the past and this report from the BBC shows a real life example of why this is a threat:
The Information Commissioner’s Office (ICO) took down its website after a warning that hackers were taking control of visitors’ computers to mine cryptocurrency.
Security researcher Scott Helme said more than 4,000 websites, including many government ones, were affected.
He said the affected code had now been disabled and visitors were no longer at risk.
The ICO said: “We are aware of the issue and are working to resolve it.”
Mr Helme said he was alerted by a friend who had received a malware warning when he visited the ICO website.
It’s clear from this that website operators need to take this threat more seriously. Besides doing audits on what should be running on their site, anything that isn’t needed such as Javascript should be pulled from the site. After all, while users should be protecting themselves, website operators need to ensure that they aren’t serving up anything that’s bad to their users.
Share this:
Like this:
Related
This entry was posted on February 12, 2018 at 8:16 am and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.