Thousands of websites around the world, including many operated by governments, have been infected by hackers using the sites' computing power to "mine" cryptocurrencies, security researchers said. The attack is the first major incident made public in which a new breed of hackers took over a large numbers of websites to effectively create currencies like bitcoin which are generated by using computing power.
The attacks made public over the weekend by British security researcher Scott Helme showed more than 4,000 website were infected in this manner, including those of the British data protection and privacy watchdog and the US federal courts system. Unlike traditional attacks, these infections do not contain "ransomware" or steal data, but operate in stealth mode to make profits from the shadowy world of cryptocurrencies.
Helme said in a blog post Sunday that the hackers were able to reach large numbers of websites by infecting a commonly used "plug-in," or software which helps a site run better. In this case, the hackers used the malicious software to create Monero, one of several new cryptocurrencies which are making a splash in financial markets.
"If you want to load a crypto miner on 1,000+ websites you don't attack 1,000+ websites, you attack the 1 website that they all load content from," he said. The creator of the plug-in, the British software firm TextHelp, said it took the affected software offline after it discovered the "attempt to illegally generate cryptocurrency. "This was a criminal act and a thorough investigation is currently underway," the company said in a statement.