ICO site targeted in mass cryptocurrency hack attack

The Information Commissioner’s Office is among more than 5,000 organisations which have had their websites hacked in a bid to force visitors’ computers to run malicious software that mines a cryptocurrency similar to Bitcoin.
Just last week, the National Cyber Security Centre warned organisations to brace themselves for a new wave of highly sophisticated online attacks. The sites affected by this latest issue all use a popular plugin called Browsealoud, made by UK company Texthelp, which reads out webpages for blind or partially sighted people. But this technology has been compromised to silently inject a malicious code to search users’ computers for cryptocurrency Monero.
The hack, which was first flagged up by UK-based security researcher Scott Helme, is reported to have affected UK public sector organisations, including 45 local authorities, nine NHS trusts and six colleges, as well as the ICO, the Pensions Advisory Service, the Financial Ombudsman Service and the Student Loans Company.
At 9.29am yesterday morning the ICO’s site posted a statement which read: “The ICO’s website will remain closed as we continue to investigate a problem which is thought to involve an issue with the Browsealoud feature.”
Helme said: “This is not a particularly new attack and we’ve known for a long time that content delivery networks or other hosted assets are a prime target to compromise a single target and then infect potentially many thousands of websites.”
The National Cyber Security Centre, which is investigating the issue, said: “NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency. The affected service has been taken offline, largely mitigating the issue. Government websites continue to operate securely. At this stage, there is nothing to suggest that members of the public are at risk.”