Become a fan of Slashdot on Facebook


Forgot your password?
Businesses Privacy Security

Hackers Hijack Government Websites To Mine Crypto-Cash ( 48

BBC reports: The Information Commissioner's Office (ICO) took down its website after a warning that hackers were taking control of visitors' computers to mine cryptocurrency. Security researcher Scott Helme said more than 4,000 websites, including many government ones, were affected. He said the affected code had now been disabled and visitors were no longer at risk. The ICO said: "We are aware of the issue and are working to resolve it." Mr Helme said he was alerted by a friend who had received a malware warning when he visited the ICO website. He traced the problem to a website plug-in called Browsealoud, used to help blind and partially sighted people access the web. The cryptocurrency involved was Monero -- a rival to Bitcoin that is designed to make transactions in it "untraceable" back to the senders and recipients involved. The plug-in had been tampered with to add a program, Coinhive, which "mines" for Monero by running processor-intensive calculations on visitors' computers. The Register: A list of 4,200-plus affected websites can be found here: they include The City University of New York (, Uncle Sam's court information portal (, Lund University (, the UK's Student Loans Company (, privacy watchdog The Information Commissioner's Office ( and the Financial Ombudsman Service (, plus a shedload of other and sites, UK NHS services, and other organizations across the globe.
This discussion has been archived. No new comments can be posted.

Hackers Hijack Government Websites To Mine Crypto-Cash

Comments Filter:
  • by Anonymous Coward on Sunday February 11, 2018 @05:54PM (#56105407)

    It's ironic that the attack vector here was a blob of JavaScript designed to make the web more accessible, when JavaScript itself has done more to destroy accessibility than any technology in the history of the web (with the possible exception of Flash).

    Unless your site is itself an application (leaving aside whether the web is a good app platform), you don't need JS at all. HTML+CSS is enough. Your site will automatically be more accessible, more compatible, use less battery and CPU, and will be more secure. It will also load much faster and be friendlier to people on crappy net connections.

    • I'm not sure of the details of the Javascript in question, but assuming it doesn't 'phone home' to some third party server, then it could be comfortably hosted on the same CDN as the host website. That would have mitigated this problem almost entirely. This is something akin to making copies of images you got from third parties rather than using them directly in your <img%gt; tags - if you don't host it yourself, you're at the whim of the third party.

      I do find it slightly heartening that the UK ICO (http

  • The hackers were trying to get early access to an Initial Coin Offering, but ended up in a different ICO instead.

    • Exactly. Irony++. Government tries to ICO but it goes all wrong, they give the monies to someone else, not the other way around.

      This ICO of theirs also seems to be related to protecting citizen data, privacy and stuffs. That's what I get from Wikipedia anyway, since the ICO website is down now. Guess the ICO domain gives it irony+2. So we get a blessed Vorpal Blade of Irony + 2. OK, old nerd overflow, sorry about that.

      In an upcoming twist, there is a cryptocurrency that is built also just for this purpose.

  • by joe_frisch ( 1366229 ) on Sunday February 11, 2018 @08:05PM (#56105763)

    A site that allowed you to view their content with the agreement that you let them mine on your computer while you are doing so might not be a terrible way to go.

    • Of course, it would have to be a site you'd trust. Hold on a moment while I go register More seriously, the real fun starts when a site that's always been trustworthy before gets hacked.
    • by Anonymous Coward

      It's been suggested. On 1 April 2017, El Reg ran this story [].

      It was about 4-5 months later that we started to see the first reports of these scams.

      But I haven't heard of anyone doing it for real.

  • A good reminder for us tech-savvy folks to keep an eye on our gkrellm windows when browsing.

    A steep climb in CPU usage or GPU temperature could be a sign of one of these jerks using you as a mining rig.

  • The tweets by Scott Helme at [] show Chrome with uBlock Origin, but what are the other extensions and which tool is being used to show the infected sites?
  • Shouldn't they be using WebGL compute ;-) GPU power for the Crypto-miner-hacker win.

Fear is the greatest salesman. -- Robert Klein