Public service websites among those affected by 'coin-jacking' attack

Irish public service organisations and companies are moving to ensure their websites are secure after dozens were reportedly compromised by so-called coin-jacking software.

The malicious code turns any computer that connects to the infected website into a device that mines or generates a particular cryptocurrency on behalf of those behind the operation - writes rte.ie.

The Health Service Executive was among dozens of public bodies whose websites were reported to have been compromised.

A spokesperson for the HSE said the organisation had taken the necessary steps to minimise the risk from the attack.

Other websites include those of the Department of Agriculture, Dublin City Council and Fingal, Cork, Wexford, Offaly county councils, the Houses of the Oireachtas, the Broadcasting Authority of Ireland, Women's Aid and the Central Remedial Clinic.

According to The Register, which first reported the story, the problems reportedly started just before midday yesterday when the malicious code was inserted by hackers into a popular website plugin called Browsealoud, made by British firm Texthelp.

It converts website text into spoken word for people who are visually impaired.

The plugin then compromised all the websites it was running on that were not protected, security experts say.

In total, more than 4,200 websites in multiple countries, including Ireland, the UK, the US and Australia, were impacted as a result.

The malicious code inserted cryptocurrency mining software from Coinhive into the Browsealoud plugin.

This meant any PC, tablet or phone that connected to the websites was turned into a mining machine for the cryptocurrency Monero, which is similar to Bitcoin.

The miner stops when the browser disconnects from the website that has been compromised.

Texthelp has since taken down the service, which should render the plugin, and therefore the infection, inactive.

There are no indications so far of any data being compromised on any of the websites that were infected.

The infection was first spotted by British-based information security consultant Scott Helme.

Read more news of Dublin on our site.

Feedbacks and comments

Write feedback
Write comment

Please leave a constructive, reasoned and informative text relating to the quality of the company's work, on the example of personal experience.

Not allowed: use of non-normative obscenities, threats or insults; direct comparison with other competing companies; placing a links to third-party Internet resources; advertising and self-promotion, statements related to the company's activities.

Enter e-mail:
Your e-mail will not be shown on the site
or Log in , for write feedback
Load photo: