Tech 18 September 2018

Dennis Wafula

Indian gov’t websites ‘cryptojacked’ to mine cryptos

Hackers have reportedly been harnessing the processing power of several government websites in India to mine cryptocurrencies.

On Monday, the Economic Times reported that security researchers have identified “hundreds of Indian sites,” including that of the director of municipal administration of Andhra Pradesh (AP), Tirupati Municipal Corporation and Macherla municipality, that have been infected by a cryptojacking malware.

The team of Guwahati-based security researchers, which include Shakil Ahmed, Anisha Sarma, and Indrajeet Bhuyan, first discovered the vulnerabilities on AP government sites. Bhuyan was quoted by the news outlet saying that many people in the country have been exposed to cryptojacking as they trust the sites thus are not always careful to block any malicious link. The three websites are sub-domains of ap.gov.in, which has over 1.6 million visitors per month.

Bhuyan explained, “Hackers target government websites for mining cryptocurrency becaue those websites get high traffic and mostly people trust them. Earlier we saw a lot of government websites getting defaced (hacked). Now, injecting cryptojackers is more fashionable as the hacker can make money.”

According to reports, there are over 119 Indian websites infected with Coinhive Script. Coinhive is a malware that mine privacy-centric altcoin Monero. It is one of the most popular cryptojacking malware that has helped hackers illicitly mine the crypto.

In March, the official website of Union Minister Ravi Shankar Prasad was reportedly hacked and infected by the Coinhive malware. FactorDaily spotted the vulnerability, and helped fix the problem. According to Bhuyan and his team, cryptojacking operations have been on the rise since 2017. In the last quarter of 2017, crytojacking activities were at 13%. This jumped to 28% in the first quarter of 2018.

Hackers have resulted to cryptocjacking as it is less risky and requires little efforts on their part. Once the malware is installed, they just sit back and wait to earn money. The process requires little skill and with a simple cryptojacking kit being available for as little as $30 in the darknet.

This problem seems to be quickly spreading all around the world. Last month, a survey indicated that one out of every three organization in the United Kingdom has been hit by cryptojacking malware.

Note: Tokens on the Bitcoin Core (segwit) Chain are Referred to as BTC coins. Bitcoin Satoshi Vision (BSV) is today the only Bitcoin implementation that follows Satoshi Nakamoto’s original whitepaper for Peer to Peer Electronic Cash. Bitcoin BSV is the only major public blockchain that maintains the original vision for Bitcoin as fast, frictionless, electronic cash.

COMMENT

Add a Comment

latest news

New mining malware bypasses cloud security

Tech 2 hours ago

New mining malware bypasses cloud security

New malware can target and disable cloud security products in order to mine the Monero cryptocurrency.

Read More
Unwriter “breaks the rules” with his latest BitDB creation, Chronos

Tech 17 January 2019

Unwriter “breaks the rules” with his latest BitDB creation, Chronos

Unwriter, the prolific cryptocurrency developer, has been hard at work this week, introducing a series of new functions under the BitDB umbrella to make accessing data more easier.

Read More
WWF monitoring food products via blockchain

Tech 17 January 2019

WWF monitoring food products via blockchain

World Wildlife Fund (WWF) Australia seeks to promote environmentally sound practices by the monitoring of food products with blockchain.

Read More