Skip to main content

Government websites fall prey to a plugin injected with a digital coin miner

government monero
Image used with permission by copyright holder

Thousands of websites relying on the Browsealoud plugin developed by U.K.-based Texthelp recently fell prey to a hack that secretly ran a cryptocurrency mining script in the background of visiting PCs. Websites use this specific plugin for visually impaired visitors so they can hear content, but on Sunday, February 11, someone managed to alter the plugin’s code to run Coinhive’s controversial JavaScript-based Monero digital currency miner. 

Because it’s based on JavaScript, administrators can easily insert Coinhive’s miner into a webpage. It runs in the background while visitors browse the website, silently mining digital coins using their PC’s processor. The CPU use can be extremely apparent if you know what’s going on, otherwise, the average web surfer may simply shrug off the slow performance as typical Windows or web-based processes slowing down the machine. The mining stops once web surfers leave the offending page. 

The altered Browsealoud plugin began mining Monero Sunday morning on more than 4,200 websites spanning the globe, including governments, organizations, and schools. Among them was the State of Indiana, the U.S. court information portal, the City University of New York, the U.K.’s National Health Service, the U.K.’s Student Loans Company, and many more. 

Most websites typically rely on plugins to pull content and tools from third-party developers. These can include translators, shopping baskets and ecommerce, menus, and so on. But the discovery of Coinhive’s miner in Browsealoud points to the possibility that if a hacker could gain access to one plugin for malicious purposes, thousands of websites could suffer. 

Plugin content typically resides on a remote server and sent to the target web page using a secure connection. The problem is that there is no real system to authenticate the actual content. Thus, someone with access to the content could easily inject malicious code, and the resulting websites using the plugin would serve up the malicious content despite registering the server as secure. 

One method to fix this problem is called Subresource Integrity. It comprises of two HTML elements with an “integrity” attribute that relies on a cryptographic hash. If the number provided to the website doesn’t match the number associated by the content, then the website can catch and block the malicious code. Unfortunately, this isn’t a widely used technique, but the recent issue with Browsealoud may convince more websites to utilize the Subresource Integrity method. 

Coinhive’s miner was reportedly only active in the Browsealoud plugin for a few hours before Texthelp pulled the plug. And although the outcome was apparently only to generate digital coin, the company still considers the hack as a criminal act. 

“Texthelp has in place continuous automated security tests for Browsealoud — these tests detected the modified file and as a result, the product was taken offline,” Texthelp Chief Technical Officer Martin McKay said in a statement. “This removed Browsealoud from all our customer sites immediately, addressing the security risk without our customers having to take any action.” 

Texthelp is currently working with the National Crime Agency and the National Cyber Security Agency to hunt down the hacker(s). 

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
This Alienware gaming laptop with RTX 4080 is $500 off
The Alienware m18 R2 gaming laptop with Baldur's Gate 3 on the screen.

The popular and powerful Alienware m18 R2 gaming laptop with the Nvidia GeForce RTX 4080 graphics card, which usually sells for $3,100, is available for a discounted price of $2,600. There's no telling how much time is remaining before you miss this chance at $500 in savings, but since this is one of the gaming laptop deals that's been tagged by Dell as a "hot deal," stocks may sell out quickly. If you think this is the perfect gaming laptop for you, push through with the purchase as soon as possible.

Why you should buy the Alienware m18 R2 gaming laptop
The Alienware m18 R2 is the upgraded successor of the Alienware m18 with even more powerful components inside -- in addition to the Nvidia GeForce RTX 4080 graphics card, the gaming laptop features the latest 14th-generation Intel Core i9 processor and 32GB of RAM that's the sweet spot for high-end gamers, according to our guide on how much RAM do you need. Our laptop buying guide says gaming laptops should be able to keep up with the increasing requirements of the best PC games, and that won't be a problem for the Alienware m18 R2 over the next few years.

Read more
Acer is ‘not optimistic’ about the future of handheld gaming
The Acer Nitro Blaze 7 sitting on a stand.

Handheld PC gaming is hot right now. At least, it feels hot.

Chasing the coattails of both the Steam Deck and the Nintendo Switch, devices like the Asus ROG Ally have quickly been given the label as "the next big thing." But is there really enough gas in the tank for a bright future for this form factor?

Read more
This Turtle Beach gaming headset works on any console or PC, and it’s on sale
The Turtle Beach Stealth 700 Gen 2 Max gaming headset on a white background.

If you own more than one video game console and a gaming PC, you should get the Turtle Beach Stealth 700 Gen 2 Max gaming headset so you don't have to keep switching depending on the platform you're on. It offers excellent value at its original price of $180, but it's currently down to only $130 from Best Buy following a $50 discount, so now is a fantastic time to make your purchase. We're not sure when this bargain will end, but since it can be over as soon as tomorrow, we highly recommend completing the transaction for it within the day.

Why you should buy the Turtle Beach Stealth 700 Gen 2 Max gaming headset
One of the primary reasons why gamers love the Turtle Beach Stealth 700 Gen 2 Max is its wide compatibility. The gaming headset works with the PlayStation 5, PlayStation 4, Xbox Series X, Xbox Series S, Xbox One X, Xbox One S, Nintendo Switch, and PC. It features Turtle Beach's low-latency, lossless 2.4 GHz wireless connection to eliminate lag, and it also has a flip-to-mute microphone that hides inside one of the earcups when it's not in use.

Read more