Thousands of government, orgs’ websites found serving crypto mining script

Monero

 

 

 

 

 

 

 

On Sunday, over 4,200 websites around the world started hijacking visitors’ browsers to mine the Monero crypto currency.

The problem was first noticed and partly documented by security researcher Scott Helme:

Among the compromised websites were that of UK’s Information Commissioner’s Office and the Financial Ombudsman Service, the US Courts information portal, Manchester’s city council, the City University of New York, the Indiana state government, the Swedish Police, and so on.

It didn’t take long for Helme to pinpoint the source of the compromise: Browsealoud, a service run by a UK-based firm Texthelp.

The company serves a JavaScript that “adds speech, reading, and translation to websites facilitating access and participation for people with Dyslexia, Low Literacy, English as a Second Language, and those with mild visual impairments.”

Read more at: www.helpnetsecurity.com

Advertisements

Leave a Reply

%d bloggers like this: