Tech 18 September 2018Dennis Wafula
Indian gov’t websites ‘cryptojacked’ to mine cryptos
Hackers have reportedly been harnessing the processing power of several government websites in India to mine cryptocurrencies.
On Monday, the Economic Times reported that security researchers have identified “hundreds of Indian sites,” including that of the director of municipal administration of Andhra Pradesh (AP), Tirupati Municipal Corporation and Macherla municipality, that have been infected by a cryptojacking malware.
The team of Guwahati-based security researchers, which include Shakil Ahmed, Anisha Sarma, and Indrajeet Bhuyan, first discovered the vulnerabilities on AP government sites. Bhuyan was quoted by the news outlet saying that many people in the country have been exposed to cryptojacking as they trust the sites thus are not always careful to block any malicious link. The three websites are sub-domains of ap.gov.in, which has over 1.6 million visitors per month.
Bhuyan explained, “Hackers target government websites for mining cryptocurrency becaue those websites get high traffic and mostly people trust them. Earlier we saw a lot of government websites getting defaced (hacked). Now, injecting cryptojackers is more fashionable as the hacker can make money.”
According to reports, there are over 119 Indian websites infected with Coinhive Script. Coinhive is a malware that mine privacy-centric altcoin Monero. It is one of the most popular cryptojacking malware that has helped hackers illicitly mine the crypto.
In March, the official website of Union Minister Ravi Shankar Prasad was reportedly hacked and infected by the Coinhive malware. FactorDaily spotted the vulnerability, and helped fix the problem. According to Bhuyan and his team, cryptojacking operations have been on the rise since 2017. In the last quarter of 2017, crytojacking activities were at 13%. This jumped to 28% in the first quarter of 2018.
Hackers have resulted to cryptocjacking as it is less risky and requires little efforts on their part. Once the malware is installed, they just sit back and wait to earn money. The process requires little skill and with a simple cryptojacking kit being available for as little as $30 in the darknet.
This problem seems to be quickly spreading all around the world. Last month, a survey indicated that one out of every three organization in the United Kingdom has been hit by cryptojacking malware.
Note: Tokens on the Bitcoin Core (SegWit) chain are referenced as BTC coins; tokens on the Bitcoin Cash ABC chain are referenced as BCH, BCH-ABC or BAB coins.
Bitcoin Satoshi Vision (BSV) is today the only Bitcoin project that follows the original Satoshi Nakamoto whitepaper, and that follows the original Satoshi protocol and design. BSV is the only public blockchain that maintains the original vision for Bitcoin and will massively scale to become the world’s new money and enterprise blockchain.
Tech 22 May 2019
China’s e-commerce firm JD.com has applied for 200 blockchain patents
JD.com, also known as Jingdong and formerly as 360Buy, is one of the leading blockchain patents applicants in the world, and is leading the way in Chinese blockchain patents.
Tech 22 May 2019
ABN AMRO ditches BTC wallet, but eyes blockchain trade inventory system
ABN AMRO got the message that nobody wanted their BTC custodial wallet, so they’ll be working on a blockchain inventory instead.
Tech 22 May 2019
Calastone debuts world’s largest blockchain financial services system
Calastone has launched what they claim is the biggest blockchain for financial service organizations.