Recent reports suggest that the Australian government websites were hacked to mine cryptocurrencies including Bitcoin and Monero. Hackers used a malware to hack into the website plug-in created by a third party vendor, thousands of websites including U.K’s own security websites were hacked. Authorities said that Monero was the major cryptocurrency which was being mined from these hostage computers.
AMBCrypto’s Mohan spoke to a Brisbane based Security Analyst, Philemon Jones and he says,
“Our data security was always vulnerable, these malwares are designed to hijack the power systems of your computer. I believe if countries like Australia can get their systems hijacked, [I’m] sure that these hackers are already mining cryptocurrencies from more vulnerable nations like in the South East Asian markets”
This way of using hostage computers to mine cryptocurrency is called as crypto jacking. Hackers send a malware to the host computer which then uses the computers computing power to mine cryptocurrency.
A cybersecurity analyst put it this way,
“When there was more or easier money to be had, there was a motive to build more botnets, Cryptocurrency has helped it accelerate.”
Cryptojacking is most done Monero because unlike other cryptocurrencies which use CPU power as proof-of-work, Monero uses memory as proof-of-work which can be mined over a regular internet browser.
Major Australian websites that were affected are the Victorian Parliament, the Queensland Civil and Administrative Tribunal, the Queensland Ombudsman, the Queensland Community Legal Centre homepage, and the Queensland legislation website, which lists all of the state’s acts and bills.
The hackers used a malware called as Coinhive to get into the systems. Authorities say that the systems were used for as long as four hours on Sunday and they temporarily shut down the websites to remove the malware. The websites will not be in service till Tuesday 12:00 GMT.
Barry Smith, a cybersecurity analyst from Sydney says,
“There was a lot more that could have been done. It’s a good thing we caught it early, all these sites have data that is precious and could hackers could have done more damage.”
Texthelp which runs the browser said that no data has been stolen and the systems were only used for cryptocurrency mining purposes. They even said that an investigation is going on to find the source of an attack and to make the browser even more secure to prevent the happening of such attacks in future.
Subscribe to AMBCrypto’s Newsletter