Crypto-Mining Hack Hijacks Thousands of Government Sites

Forum Moderators: open

Message Too Old, No Replies

Crypto-Mining Hack Hijacks Thousands of Government Sites

engine

12:20 pm on Feb 12, 2018 (gmt 0)

It appears that thousands of government sites around the world were mining cryptocurrencies via a popular "browsaloud" plugin used by blind and poorly-sighted people.

This technology was compromised in some way – either by hackers or rogue insiders altering Browsealoud's source code – to silently inject Coinhive's Monero miner into every webpage offering Browsealoud.

For several hours today, anyone who visited a site that embedded Browsealoud inadvertently ran this hidden mining code on their computer, generating money for the miscreants behind the caper. Crypto-Mining Hack Hijacks Thousands of Government Sites [theregister.co.uk]

TorontoBoy

12:59 pm on Feb 12, 2018 (gmt 0)

This hack sounds like a cross site scripting attack. I wonder if a content security policy would have blocked this XSS attack? Has anyone used this subresource integrity check?

bwnbwn

6:33 pm on Feb 12, 2018 (gmt 0)

I just got a bad email from a Govt site in Germany.

Looks like the hacker has a wicked program running using mined social media to connect the email to me in a personal way from my suppose to be wife. Used her name to actually forward the email to me. Like she forwarded the email to me to look at.

Pretty good one almost got me to look at the link and I am usually very careful.

Webwork

2:11 pm on Feb 13, 2018 (gmt 0)

Ouch! ^That's^ just downright, full on "I have absolutely no conscience" evil, bwnbwn . . and, of course, we know how such SOBs think: "Hey, if he's stupid enough to fall for our ploy it's his fault . . . that we steal his money, his personal info, his . . . "

Sometimes, I wish there was a hell (for such SOBs) . . and sometimes it feels like we needn't leave this planet earth to find it . . because of the SOBs . . sigh . .

martinibuster

3:20 pm on Feb 13, 2018 (gmt 0)

I'm just sitting here watching the wheels go round and round...

chewy

4:09 pm on Feb 22, 2018 (gmt 0)

bwnbwn - you mention something I've been seeing more of these days.

This type of phishy spoofed email from my wife is now pretty common - i get them from my sister and others as well. And there is no way these are guessed.

It is quite clear they have information as to whom I email with regularly.

Has anybody got a useful word or phrase for this phenomenon - or any way to diagnose them further or maybe stop them?

thanks!

TorontoBoy

6:05 pm on Feb 22, 2018 (gmt 0)

The old way was to break into the computer and suck in their contacts list. Use the list to hack more.

This does not work if you do web mail. For web mail you need to break into their email account, then suck in their contacts list.

Jonesy

10:10 pm on Feb 24, 2018 (gmt 0)

This does not work if you do web mail. For web mail you need to break into their email account, then suck in their contacts list.

I see that fairly often ... folks I know who are AOL or Yahoo freemail users get their account cracked and I start getting spam from their username <but@spammerexample.com>. Sometimes I see one or two other, identifiable email addys in the To: list that can be tied back to the AOL/Yahoo victim. I've never seen that the victim has lost control of the account --- they can log in and change their password. So, it appears the cracker simply sucked down the addressbook.

TorontoBoy

11:44 pm on Feb 24, 2018 (gmt 0)

I occasionally get people who have died emailing me info about male enhancement products. For this I do not rise to the occasion.