Hackers recently hijacked Australian government websites to mine Monero coins with Coinhive scripts by hacking an accessibility app.
Various websites, including Victorian and Queensland government sites, were hijacked to mine Monero coins. The list of websites included over four thousand sites from across the globe. The vulnerability of government sites, however, raises issues of national security because these public sites are meant to be secure for government services.
The exploit occurred on a Sunday for 4 hours in the early morning when not many people would be using the Australian sites. The hack came to the attention of web users because their CPUs were being overloaded with tasks and their anti-virus programs were alerting them to the hack.
Critical sites affected by the hijacking include defense.gov.au, humanservices.gov.au, schools.nsw.edu.au, premier.vic.au, passports.gov.au, and pm.gov.au. The humanservices site is the gateway site for social security in Australia and is used by many people on benefits.
The hack, however, only made around $24 due to the timing of the hack in the early morning and difficulty with processing coins in such a short period of time. The site Coinhive, moreover, made a statement saying they hadn’t even paid the $24 out to the users.
The hackers took advantage of a weakness in an accessibility tool called Texthelp which lets users have websites read out to them. All of the thousands of websites that were compromised were using Texthelp to increase accessibility of their sites.
Coinhive is a service that lets websites mine coins using a user’s CPUs. The service, however, usually asks permission to do this. Hackers, however, have created rogue scripts to misuse the service and use people’s CPUs without permission. Coinhive representatives have complained about the hack because it has given them bad publicity as their service has become synonymous with illegal activity.
