Over the last few days, reports continue to find websites targeted by third parties looking to earn a profit through exploiting security breaches. Notably, several official government websites were victim to a breach involving the unauthorized mining of digital currencies, including the government of Ontario.

Included in the list of government websites affected were several located in Ontario, including the website for the Centre for Addiction and Mental Health (CAMH), the Information and Privacy Commissioner of Ontario, and the official website of the Ontario Government.

This phenomenon is titled ‘cryptojacking,’ referring to hackers breaching websites and running third-party scripts that make use of the computing resources of users. While almost anyone can volunteer to mine digital currency, in these cases the operation is carried out without user permission.

Cryptojacking incidents are becoming common as a result of the popularity of digital currencies. Hackers view the price of digital currencies, and the reward for mining, as an opportunity to earn an easy profit.

In this instance, hackers took advantage of a plugin called Browsealoud and configured it to run a cryptojacking script. For the time being, Browsealoud’s parent company, Texthelp, took down the plugin, yet state that it was breached for a period of four hours on Sunday before action was taken.

“At 11:14 am GMT on Sunday 11th February 2018, a JavaScript file which is part of the Texthelp Browsealoud product was compromised during a cyber attack,” they said in their statement.  “The attacker added malicious code to the file to use the browser CPU in an attempt to illegally generate cryptocurrency. This was a criminal act.”

Consequences of the breach for Ontario

While many fear the result of the breach, Texthelp reports that no data was compromised. In fact, according to Texthelp, the hackers only ran cryptojacking scripts, meaning that aside from intrusion and potentially higher electricity usage, most users would not be affected in the long term.

“Texthelp can report that this attacker did not attempt to extort or ransom money from Texthelp or Texthelp customers,” they said. “The company has examined the affected file thoroughly and can confirm that no customer data has been accessed or lost. The file used the computer’s CPUs to attempt to generate cryptocurrency. “

Texthelp is perhaps the most affected by this attack, as they are now tasked with restoring their image in the eye of the public.

Similar breaches in the UK and Australia

With this news, Ontario joins the UK and Australia, which were both affected by the same breach. In Australia and the UK, several government websites, including the Australian Victorian parliament and the UK National Health Service, reportedly ran the same cryptojacking script.

In the past, hackers made similar use of YouTube ads, as well as thousands of other websites, in order to mine digital currency without user awareness or permission.

Typically these breaches make use of a JavaScript-based digital currency miner known as Coinhive, which was created as an alternative to digital advertising. With Coinhive’s reputation damaged due to the wave of unauthorized uses, the Coinhive team refocused their efforts on a new tool called AuthedMine, which requires user permission to run.

Share your comments below