Tech & Science Government websites fall prey to cryptocurrency mining hijack

15:53  12 february  2018
15:53  12 february  2018 Source:   Engadget

Russian Engineers Arrested For Using Nuclear Weapons Facility To Mine Cryptocurrency

  Russian Engineers Arrested For Using Nuclear Weapons Facility To Mine Cryptocurrency Russian authorities say they have arrested several engineers employed at the the All-Russian Research Institute of Experimental Physics in Sarov, a top secret nuclear weapons facility, because they were involved in a cryptocurrency-mining scheme at work. The tightly guarded nuclear facility is where the USSR's first nuclear bomb was built. According to the BBC, it has about 20,000 employees and one of the country's strongest supercomputers, which can run at one petaflop, or perform a quadrillion operations per second. That's ideal for running nuclear scientific calculations and simulations.

It's not just private companies' websites falling victim to cryptocurrency mining hijacks . In this article: australia, browsealoud, coinhive, cryptocurrency , currency, gear, government , hijack , internet, mining , monero, security, texthelp, uk, web .

From around the web . About.

a clock on a table© Provided by Engadget It's not just private companies' websites falling victim to cryptocurrency mining hijacks. Security consultant Scott Helme and the Register have discovered that intruders compromised over 4,200 sites with Coinhive's notorious Monero miner, many of them government websites from around the world. This includes the US court info system, the UK's National Health Service and Australian legislatures, among others. The intruders spread their JavaScript code by modifying an accessibility plugin for the blind, Texthelp's Browsealoud, to inject the miner wherever Browsealoud was in use.

UNICEF recruits gamers to mine cryptocurrency for Syrian kids

  UNICEF recruits gamers to mine cryptocurrency for Syrian kids It hopes to appeal to young people's desire to do social good.Game Chaingers uses your graphics card's power to mine for cryptocurrency, which then goes straight to UNICEF's account. Of course, the more participants there are, the more coins it can mine -- if the hundreds of millions of gamers around the world help out, the organization can raise a considerable amount. UNICEF says it created the project out of a need to find new donors, since most of its benefactors are already over 50. By asking to borrow PCs' processing power instead of straight-out appealing for cash, even those who wouldn't usually give to charities could contribute.

Pic above, and loot: Helm of the Fallen Defender, Malchazeen, and Farstrider Wildercloak. Nice job! The Misfits of Kalecgos-H dropped Nightbane (and could use a few more peeps to go into Gruul's Lair with them).

You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. Embed this Video. Add this Tweet to your website by copying the code below. Learn more.

The mining only took place for several hours on February 11th before Texthelp disabled the plugin to investigate. Government sites like the UK's Information Commissioner's Office also took pages down in response. As with most of these injections, your system wasn't facing a security risk -- you would have just noticed your system bogging down while searching for government info. The mining goes away the moment you visit another page or close the browser tab. The biggest hassle was for the site operators, who are now discovering that their sites are vulnerable to intruders slipping in rogue code without verification.

It's not certain who's behind the attempt, but these hijacks tend to be the work of criminals hoping to make a fast profit.

Evidence Of A Bursting Bitcoin Bubble Is Piling Up

  Evidence Of A Bursting Bitcoin Bubble Is Piling Up Goldman Sachs sees bitcoin red flags everywhere.The 40 percent sell-off in bitcoin and other cryptocurrencies to start the year has once again sparked concerns among investors that a bubble in cryptocurrency prices may be bursting. Unfortunately for investors, Goldman Sachs analysts now say they see plenty of evidence that the cryptocurrency market is experiencing a textbook financial market bubble.

How hackers can hijack your computer to make free money. Our Picks. Popular. Hackers allegedly compromised the website and inflicted it with a cryptocurrency - mining script, a program that uses visitors’ CPU power to generate Monero, a digital currency like Bitcoin that professes anonymity.

But now researchers at ESET have discovered a new method of mining cryptocurrencies , which can be done directly within your web browser, using JavaScript. This gives attackers the potential to reach a greater number of victims, by infecting websites , rather than by targeting individual machines.

The big problem: this might continue to happen for a while. Although antivirus tools can catch Coinhive, a more definitive solution would be to use a fingerprinting technique (subresource integrity) that verifies of outside code and blocks any modifications. And there's no indication that many websites, whether government or private, are in a rush to implement it.

Scott Helme (Twitter), PublicWWW

How hackers stole $188 million from an Italian cryptocurrency exchange .
Cyber security expert Tyler Moffitt breaks down the "very bad code" behind theft.Hackers had managed to drain the exchange of XRB coins at the price of $11.05 each by making unauthorised transactions to near-untraceable accounts.

—   Share news in the SOC. Networks

Topical videos:

This is interesting!