earth you won’t expect cryptojacking scripts exploiting people’s
machines for cryptocurrencies? Probably the websites owned
by feds. But it turns out that isn't entirely true.
Now, before one starts to think that the governments had a
change of heart and began to harvest crypto coins, the story
involves malicious actors, because, of course.
Scott Helme, a UK-based security researcher, has uncovered that a cryptocurrency mining
script was injected in Text Help’s accessibility services
plugin called BrowseAloud. The web screen reader, which helps
people with visual impairments, is embedded in more than 4,000
websites, many of them belonging to governments.
He started his investigation after a friend saw AV software
warnings when visiting the website of the UK's Information
Commissioner's Office. According to Helme's blog post, a third
party managed to modify BrowseAloud and stuff CoinHive mining
“If you want to load a crypto miner on 1,000+ websites you
don’t attack 1,000+ websites, you attack the 1 website that
they all load content from,” Helme wrote.
The cryptocurrency miner was not limited to the UK; affected
sites were also found in other countries, including
Australia, Ireland and the US. Some of the affected government
sites went offline to fix the issue.
Helme said attacks like these aren't new and that they can be
mitigated by making some changes. For users, there are some options that
can help them deal with cryptojacking scripts. For instance,
the Opera browser comes with a built-in tool to block cryptocurrency
mining, and an extension called NoCoin is available for Chrome,
Opera, and Firefox.