As the Indian government further complicates their stance on whether or not citizens should be allowed to trade and own cryptocurrencies, hackers have found a way to exploit government websites in order to make a fortune in cryptocurrency through a popular hack called cryptojacking.
A team of security researchers have found that multiple government owned websites are being exploited to secretly mine cryptocurrency from unsuspecting computers. These include the director of municipal administration’s website and Tirupati Municipal Corporation’s site, among hundreds of others.
Cryptojacking has become an increasingly popular way for hackers to acquire cryptocurrency by using the computing power of unsuspecting site visitors to mine various cryptos. By using a malicious code embedded in the links to websites, hackers can infect a computer in order to utilize the maximum computing power of the infected computer.
Security researcher, Indrajeet Bhuyan, spoke about the prevalence of this code on Indian government websites, saying that:
“Hackers target government websites for mining cryptocurrency because those websites get high traffic and mostly people trust them. Now, injecting cryptojackers is more fashionable as the hacker can make money.”
Report Comes Amidst Increasing Popularity of Cryptojacking
Last month, a report from U.S.-based security firm, Palo Alto Networks, confirmed that cryptojacking’s popularity is surging, coinciding with the increase in cryptocurrency’s popularity. The popularity of these attacks stems from the discreetness of the malicious code, as well as the supposed “victimless” nature of the crime.
Although the hacks may initially seem to be harmless, they can pose significant threats to the well-being of infected computers. A report by Russian security firm Kaspersky Labs found that unwarranted cryptocurrency mining can damage the internals and externals of a computer, especially laptops.
The report found that after two days of heavily mining Monero on an unsuspecting computer, the infected device showed physical signs of damage, including a deformed laptop shell due to an expanding battery.
The researcher conducting the research at Palo Alto Networks said that Monero (XMR) is the most popular cryptocurrency mined by cryptojackers, due to its anonymity features. The report notes that:
“By querying the mining pools themselves, instead of the blockchain, we’re able to say exactly how much has been mined without the fear of the data being polluted by payments to those wallets via other sources.”
The report concludes that at the time the research was conducted, a total of 798,613.33 Monero were illicitly mined by cryptojackers. That number has increased significantly in the time since the research was conducted.
The research by Indian cybersecurity companies coincides with this report, finding that many of the government sites, including the official website of Union Minister Ravi Shankar Prasad was infected by the malicious code, which was using computers to mine Monero.
The report notes that “A small chunk of the code installed on a website uses the computing power of any browser that visits the site to mine bits of the Monero cryptocurrency.”
Hackers are increasing their savviness and using new hacking methods in order to increase their profitability while still maintaining discreetness so as not to get caught by authorities.
Featured image from Shutterstock.