Indian gov’t websites ‘cryptojacked’ to mine cryptos

Getting your Trinity Audio player ready...

Hackers have reportedly been harnessing the processing power of several government websites in India to mine cryptocurrencies.

On Monday, the Economic Times reported that security researchers have identified “hundreds of Indian sites,” including that of the director of municipal administration of Andhra Pradesh (AP), Tirupati Municipal Corporation and Macherla municipality, that have been infected by a cryptojacking malware.

The team of Guwahati-based security researchers, which include Shakil Ahmed, Anisha Sarma, and Indrajeet Bhuyan, first discovered the vulnerabilities on AP government sites. Bhuyan was quoted by the news outlet saying that many people in the country have been exposed to cryptojacking as they trust the sites thus are not always careful to block any malicious link. The three websites are sub-domains of ap.gov.in, which has over 1.6 million visitors per month.

Bhuyan explained, “Hackers target government websites for mining cryptocurrency becaue those websites get high traffic and mostly people trust them. Earlier we saw a lot of government websites getting defaced (hacked). Now, injecting cryptojackers is more fashionable as the hacker can make money.”

According to reports, there are over 119 Indian websites infected with Coinhive Script. Coinhive is a malware that mine privacy-centric altcoin Monero. It is one of the most popular cryptojacking malware that has helped hackers illicitly mine the crypto.

In March, the official website of Union Minister Ravi Shankar Prasad was reportedly hacked and infected by the Coinhive malware. FactorDaily spotted the vulnerability, and helped fix the problem. According to Bhuyan and his team, cryptojacking operations have been on the rise since 2017. In the last quarter of 2017, crytojacking activities were at 13%. This jumped to 28% in the first quarter of 2018.

Hackers have resulted to cryptocjacking as it is less risky and requires little efforts on their part. Once the malware is installed, they just sit back and wait to earn money. The process requires little skill and with a simple cryptojacking kit being available for as little as $30 in the darknet.

This problem seems to be quickly spreading all around the world. Last month, a survey indicated that one out of every three organization in the United Kingdom has been hit by cryptojacking malware.