A recent incident confirms that government websites in India have become the target for cryptojacking. The Indian government has been unknowingly helping hackers make money off of their websites, stated a report published by India Times.
According to the report, a total of 119 India websites have been infected by a malware that allows unauthorized mining of cryptocurrencies. An analysis conducted by cybersecurity researchers shows that government websites like the director of municipal administration of Andhra Pradesh, Tirupati Municipal Corporation and Macherla municipality are among the hundreds infected.
Speaking to the media, a Guwahati-based security researcher, Indrajeet Bhuyan said that cryptojacking has become fashionable among hackers. In his words:
“Hackers target government websites for mining cryptocurrency because those websites get high traffic and mostly people trust them. Earlier, we saw a lot of government websites getting defaced (hacked). Now, injecting cryptojackers is more fashionable as the hacker can make money.”
Bhuyan, along with two other Guwahati-based security researchers, Shakil Ahmed and Anish Sarma was the first to identify the vulnerabilities on the Andhra Pradesh [AP] government websites on 10th September, the report said. The trio analyzed that the aforementioned websites are subdomains of ap.gov.in. Their study also revealed that the website was popular globally and it attracted over 1,60,000 visitors every month.
Mentioning the Guwahati-researchers in his statement, J A Chowdary, IT advisory to the Chief Minister of AP, said to the media:
“Thanks for notifying us about the AP website hacking.”
Quoting a finding from the American multinational corporation, Fortinet, the media stated that globally, the cryptojacking malware has grown to impact 13% of websites in the fourth quarter of 2017 to 28% in the first quarter of 2018.
Earlier in March, the Union Minister Ravi Shankar Prasad’s official website became the victim of cryptojacking. The officials brought down the site immediately and fixed it after the media house FactorDaily reported the incident.
In February, Austin based cybersecurity firm, Forcepoint, reported that CoinHive scripts were injected into government-owned websites across the U.S, UK, and Australia.
Cryptojackers have devised a number of schemes to get hold of other individual’s computers to mine cryptocurrencies. Regarding the same, CSO, a security news provider, quoted Travis Farral, Director of Security Strategy saying:
“You’re starting to see a lot of the traditional things mal-authors have done in the past. Instead of delivering ransomware or a Trojan, they are retooling that to deliver crypto-mining modules or components.”
Subscribe to AMBCrypto’s Newsletter