Have you ever experienced opening a website in your browser slowed down your entire system? Would you believe that our personal computers were used by cryptocurrency miners to mine? If you don't believe, then the below article is for you...
Indian government is trying its level best to curb the rise of cryptocurrencies, but government websites are unwittingly supporting the hackers to make huge sum of money with their websites.
Indian government is trying its level best to curb the rise of cryptocurrencies, but government websites are unwittingly supporting the hackers to make huge sum of money with their websites.
A recent analysis by security researchers show that the below are some of the popular government websites among hundreds of Indian websites, that are being used to mine cryptocurrencies.
- Tirupati Municipal Corporation
- Director of Municipal Administration of Andhra Pradesh
- Macherla Municipality
Cryptojacking is a malware which allows unauthorized access of someone's computer to mine cryptocurrencies.
The two popular ways which hackers are using to cryptojack are as follows:
- Get an user to click a malicious link which loads crypto-mining code on the computer.
2. Inject a JavaScript code (helps in mining cryptocurrencies) into a website and the website visitor's computing power will be used for mining without any consent.
CoinHive is considered as one of the leading profitable cryptocurrency service. A small piece of code injected on a website utilizes the CPU capacity of the system which visits the malicious website. It helps in mining the famous cryptocurrency called Monero.
Why government sites?
Hackers are targeting government websites for mining cryptocurrencies (cryptojacking) since these websites have high traffic and people trust them when compared to the others. The security breaches in the Andhra Paradesh government websites were first discovered by a Guwahati based security researchers team.
We saw a lot of government getting hacked earlier. Nowadays cryptojackers is more fashionable, as hacker can make profit.
- Indrajeet Bhuyan
Security Researcher
In addition to government sites, the malware targets the enterprise systems as well. Over 119 Indian websites were identifies to run CoinHive scripts by PublicWWW.
Earlier this year, YouTube ads were used for cryptojacking. Read more >>
Cryptojackng Craze!
Cryptojacking malware has grown enormously leading to its rise in impact of 13% of all organization to 28% in Q1 of 2018 - based on the Fortinet report. Unlike ranswomware, the success of cryptojack depends on not being detected.
Based on experts, the revenue generated via cryptojacking is proportional to the audience, the number of compromised systems, the duration which the users spend on the affected websites. Higher the time spent on the website, more is the CPU cycles used for mining cryptocurrencies.
Cryptojacking has slowly started targeting the Internet Of Things (IOT) products and is expected to increase exponentially very soon. It becomes as additional responsibility for enterprises to bring much secured platform for their clients rather than concentrating on performance alone.
I hope after reading this article definitely you agree that we all are exposed to an virtual environment where security is being compromised easily by malicious activities. The objective of this is article is to create awareness of what is happening around us and how to safeguard ourselves from these attacks.
Let me know your views in the comments section...