Government Websites Pwned To Mine Cryptocurrency

It seems that with Cryptocurrency being the big thing at the moment, there are new exploits and attacks to help some people mine this currency. I’ve written about cryptojacking in the past and this report from the BBC shows a real life example of why this is a threat:

The Information Commissioner’s Office (ICO) took down its website after a warning that hackers were taking control of visitors’ computers to mine cryptocurrency.

Security researcher Scott Helme said more than 4,000 websites, including many government ones, were affected.

He said the affected code had now been disabled and visitors were no longer at risk.

The ICO said: “We are aware of the issue and are working to resolve it.”

Mr Helme said he was alerted by a friend who had received a malware warning when he visited the ICO website.

It’s clear from this that website operators need to take this threat more seriously. Besides doing audits on what should be running on their site, anything that isn’t needed such as Javascript should be pulled from the site. After all, while users should be protecting themselves, website operators need to ensure that they aren’t serving up anything that’s bad to their users.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: