Has your computer been cryptojacked?

in #steemit8 years ago

Some sites have found a new way to make money from you: using your computer to generate virtual currencies.
Mr Helme's analysis suggests the software was online for about four hours before the company that owns the plug-in, Texthelp, acted.
In a statement, Martin McKay, Texthelp's chief technology officer, said the compromise was a criminal act and was being investigated.
"Texthelp has in place continuous automated security tests for Browsealoud, and these detected the modified file and as a result the product was taken offline," he added.
The situation could have been much worse

Mr Helme said using the same technique, malicious actors could have injected a range of malware into the websites.
For example, they could have installed a keylogger that tracks people entering usernames and passwords, a malicious software update or a virus.
"At this point, the attacker is limited by their imagination," he said.
"Right now, the worst-case scenario is you probably made some money for a criminal gang."
Australian cybersecurity researcher Troy Hunt (who runs online security workshops with Mr Helme) suggested Australia may have "gotten off lightly" thanks to the country's time zone. Most Australians would have been asleep while the compromised plug-in was operational.
"There was an awful lot more [the hacker] could have done," Mr Hunt said.
"Once you can run your own javascript on someone else's website, you can do basically anything."
For the moment, it is not clear how the perpetrators altered the plug-in.
Texthelp are yet to disclose whether an employee's credentials were stolen, whether the company's webhost was compromised or some other means.
Although responsibility ultimately lies with Texthelp, Mr Helme suggested government websites should be held to a higher security standard if they use third-party services, such as Browsealoud.
Many websites use outside providers for everything from fonts to accessibility tools, which provide an additional gateway for bad actors.
"There are technical measures that exist to protect against exactly this kind of thing. This is not a new problem," Mr Helme said.
Mr Hunt agreed the incident was a wakeup call.
There are ways of mitigating the risk. For example, he suggested, ensuring that scripts are only run if they look a certain way or only loading scripts from certain locations.
"In fairness, [the affected websites] are not out of step with the industry," Mr Hunt said. "Websites in general have to get more serious about what they will trust to run."
The UK National Cyber Security Centre said it was investigating the incident:
"At this stage there is nothing to suggest that members of the public are at risk."
The Queensland Civil and Administrative Tribunal said it has disabled the Browsealoud plug-in on their website.
The Queensland Government, the Victorian Parliament and the Australian Cyber Security Centre have been contacted for comment

Coin Marketplace

STEEM 0.04
TRX 0.33
JST 0.097
BTC 62567.91
ETH 1740.38
USDT 1.00
SBD 0.39