Government websites infected with Monero mining malware over the weekend
NSA cyberweapon leak: when will this nightmare end?
If you find your computer lagging for no clear reason, check the open pages on your web browser—one of them might be mining for someone else.
The booming cryptocurrency industry has been attracting a new generation of crime, along with new breeds of malware. Last year’s leak of high-grade hacking tools—from no less than the National Security Agency (NSA) itself—is not making life any easier for the field of cybersecurity.
According to the Guardian, over 5,000 websites, including government websites, were infected by mining malware over the weekend. In what is now known as “cryptojacking,” the malware triggers a script that secretly uses visitors’ computers to mine cryptocurrencies for the attackers, effectively using up their bandwidth and processing power. In this instance, the attackers were mining Monero (XMR).
The attackers deployed the coin-mining malware known as Coinhive by slipping it through a usability plugin called BrowseAloud, which primarily assists people with dyslexia, visual impairments, and those with low English literacy by providing speech and translation to websites.
The government websites that have been infected include the UK’s National Health Services (NHS), and a range of Australian government websites including the Victorian parliament’s, the Queensland Civil and Administrative Tribunal, the Queensland ombudsman, the Queensland Community Legal Centre homepage, and the Queensland legislation website.
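Every affected site ran whatever script the plugin's host served at that moment. As an added example (not from the original article), the Node.js code below audits a page's script tags for third-party code loaded without a Subresource Integrity (SRI) pin, and shows that a pinned script stops matching once its body changes. The hostnames, script bodies and function names are constructed for illustration.

```javascript
// Added example: hostnames, script bodies and function names are constructed.
const { createHash } = require("crypto");

// SRI value for a script body, in the "sha384-<base64>" form browsers accept.
function sriHash(body) {
  return "sha384-" + createHash("sha384").update(body, "utf8").digest("base64");
}

// Parse the attributes of one opening tag into a lower-cased name -> value map.
function parseAttrs(text) {
  const attrs = {};
  const re = /([\w-]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+)))?/g;
  for (const a of text.matchAll(re)) {
    attrs[a[1].toLowerCase()] = a[2] ?? a[3] ?? a[4] ?? "";
  }
  return attrs;
}

// One finding per external <script>; "unpinned" = third-party and no integrity.
function auditScripts(html, pageUrl) {
  const pageOrigin = new URL(pageUrl).origin;
  const findings = [];
  for (const m of html.matchAll(/<script\b([^>]*)>/gi)) {
    const attrs = parseAttrs(m[1]);
    if (!attrs.src) continue; // inline script: nothing fetched, nothing to pin
    const src = new URL(attrs.src, pageUrl);
    const thirdParty = src.origin !== pageOrigin;
    const integrity = attrs.integrity || null;
    findings.push({ src: src.href, thirdParty, integrity, unpinned: thirdParty && !integrity });
  }
  return findings;
}

// True when a fetched body still matches one of the pinned hashes.
function matchesPin(body, integrity) {
  return integrity.trim().split(/\s+/).includes(sriHash(body));
}

// Constructed sample: a plugin body as first reviewed, and a modified copy.
const ORIGINAL = "readAloud(document.body);";
const TAMPERED = ORIGINAL + "startMiner();";
const SAMPLE_HTML = `
<script src="/js/site.js"></script>
<script src="https://plugin.example/reader.js"></script>
<script src="https://cdn.example/reader.js" integrity="${sriHash(ORIGINAL)}" crossorigin="anonymous"></script>
<script>var inline = 1;</script>`;

console.log(auditScripts(SAMPLE_HTML, "https://agency.example/services"));
console.log("tampered body accepted:", matchesPin(TAMPERED, sriHash(ORIGINAL)));
```

A pin only helps when the third-party file is versioned and static; a script the vendor updates in place has to be self-hosted or re-pinned on each release.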
Brace yourselves. There may be more.
Last year, a Pandora’s box of cyberweapons capable of different types of hacks was unleashed from the NSA’s arsenal. It has been wreaking havoc worldwide-web-wide since, which is why it’s not surprising that only two days ago, reports began circulating that US intelligence officials have been making (paid) attempts to retrieve the cyberweapons from a mysterious Russian peddler.
What’s even more troubling about the news is that what’s already out on the internet can never be “retrieved.” This implies that there’s more to be unleashed, hence the attempts to “retrieve” them before they are circulated. And even if they succeed at paying someone off in exchange for the tools, it’s only logical to assume that these tools have been copied. Paying someone not to circulate such files is pretty much a Hail Mary pass at this point.