Government websites cryptojacked

Reports have emerged that multiple government websites belonging to nations like UK, US and Australia have been compromised by malware on February 2018. This malware forces the computers of anyone visiting these government websites to mine cryptocurrency.

Background

Cryptocurrency is a form of digital money designed to be secure and anonymous in most cases. It uses a technique called cryptography — a process used to convert legible information into an almost uncrackable code, to help track purchases and transfers. A cryptocurrency runs on a blockchain and blockchains are run by miners, who use powerful computers that tally the transactions.

The most popular form of cryptocurrency is Bitcoins which is a community run cryptocurrency. In the final months of 2017, the value of Bitcoins began to rise exponentially along with other cryptocurrencies. At one point it was trading at $20,000 thus sparking a slew of warnings from experts and analysts. Other cryptocurrencies like Ripple and Dogecoin have also performed incredibly well in the past year.

In 2018, the value of cryptocurrencies began to fall as governments began cracking down on it. South Korea in particular announced that it would be banning cryptocurrency exchanges. The nation’s exchanges have been affected by cyber breaches in the past few months. A South Korean cryptocurrency exchange called Youbit had to declare bankruptcy after it was hacked and 17% of its assets were stolen. It had been hacked once earlier in April 2017 when nearly 4,000 Bitcoins were stolen in a cyber-attack that the country’s spy agency linked to North Korea. China too has banned cryptocurrency exchanges and India has indicated that it would be following suit.

Japan too has been hit by breaches in cryptocurrency exchanges. Close to ¥58 billion ($533 million) worth of NEM was stolen on January 26^th. It has been noted that more than ¥500 million worth of it likely to have since been converted into Bitcoin and other cryptocurrencies.

Analysis

More than 5,000 sites were reportedly compromised as a result of the breach. The malicious malware, which even affected Australia’s official site for the parliament, forced visitor computers to automatically begin mining cryptocurrency.

Scott Helme, an IT security consultant, spoke about the nature of the attack noting, “This type of attack isn’t new – but this is the biggest I’ve seen. A single company being hacked has meant thousands of sites impacted across the UK, Ireland and the United States. Someone just messaged me to say their local government website in Australia is using the software as well.”

The value of Bitcoins dropped below $7,000 in the recent weeks following the increased crackdown from South Korea and China. Hackers reportedly were able to breach these sites by capitalizing on a vulnerability in the browser plug-in Browsealoud. They were able to inserted a script known as Coinhive into the company’s software.

Helme, who discovered the breach added, “When you load software like this from a third party, that third party can change it and make it do whatever they want,” he said. “There are easy ways to make sure they don’t do that. We don’t know how Texthelp were compromised yet, so it is hard to say whether they were really unlucky or there was some kind of inherent problem with what they were doing. But there were ways the government sites could have protected themselves from this. It may have been difficult for a small website, but I would have thought on a government website we should have expected these defence mechanisms to be in place.”

This is not an isolated incident. In December it was reported by The Guardian that at least 1 billion users who visit video streaming sites such as Openload, Streamango, and Rapidvideo were being cryptojacked.

Assessment

Our assessment is that cryptocurrencies are becoming increasingly vulnerable to being breached. As we have stated earlier, large organizations and governments are provably vulnerable to cyber attacks. In wake of these breaches, it is likely investors may become even more wary of cryptocurrencies and that might affect their value.