Cloud Backup
 

We`re just sending through your details

Please give us a few moments whilst we get your account ready.

OKAY

Crypto-jacker Leaves ICO In Its Wake

Crypto-jacker Leaves ICO In Its Wake

posted in Cyber-Security ● 15 Feb 2018

Cyber-attacks and ‘hacks’ made regular headlines throughout 2017, and in the UK the Information Commissioner’s Office (ICO), was there to oversee all reparations and ensure organisations had data protection standards at a high level. Early 2018, however, has seen the ICO and a host of government websites, both UK and abroad, fall victim to a cyber-attack in the form of Crypto-jacker.

 

What is crypto-jacking?

A Crypto-jacker is a strain of malware which can silently mine cryptocurrency via an internet connected device, without knowledge or permission of the owner.

As with many strains of malware, a programme must be accessed or downloaded, typically from a browser, which will then begin to mine cryptocurrency in the background. This will use up resources, CPU and power, and more often than not, will give no benefit to the user whose machine is being utilised. User’s computers are likely to slow down while the mining operation is taking place, and general operations may be affected.

 

Hands up, this is a crypto-jacking!

It has been revealed that government websites in multiple countries have been compromised by the cryptojacker strain of code. Government sites affected include many British government sites including UK Student Loans, the ICO and also NHS services; US governmental sites were also affected, as was the Australian Queensland Government Portal.

Security researcher Scott Helme was able to trace the code found in the ICO website to a third-party plugin, Browsealoud, which is designed to assist visually impaired visitors on website domains. The plugin’s developers, Texthelp, confirmed that the plugin had been compromised to mine cryptocurrency. Following the attack Texthelp have launched an investigation into what occurred – releasing the following statement:

At 11:14 am GMT on Sunday 11th February 2018, a JavaScript file which is part of the Texthelp Browsealoud product was compromised during a cyber-attack. The attacker added malicious code to the file to use the browser CPU in an attempt to illegally generate cryptocurrency. This was a criminal act.

Martin McKay, CTO and Data Security Officer went on to say, “In light of other recent cyber-attacks all over the world, we have been preparing for such an incident for the last year. Our data security action plan was actioned straight away and was effective, the risk was mitigated for all customers within a period of four hours.” Continuing to say, “Texthelp has in place continuous automated security tests for Browsealoud – these tests detected the modified file and as a result the product was taken offline. This removed Browsealoud from all our customer sites immediately, addressing the security risk without our customers having to take any action.”

Raising the alarm

Following the crypto-jacking Helme, raised the alarm about the malware after he received a message from a friend whose antivirus software had detected an issue after visiting a UK government website.

“This type of attack isn’t new – but this is the biggest I’ve seen. A single company being hacked has meant thousands of sites impacted across the UK, Ireland and the United States,” Helme told Sky News. “Someone just messaged me to say their local government website in Australia is using the software as well.”

“If you want to load a crypto miner on 1,000+ websites you don’t attack 1,000+ websites, you attack the one website that they all load content from,” Helme noted. “In this case, it turned out that Texthelp, an assistive technology provider, had been compromised and one of their hosted script files changed.”

For a period of time the ICO website was unavailable. This only goes to show that cyber Threats are everywhere, with everyone at risk of an attack – even the governing body of the soon to be introduced GDPR legislation.

 

To learn more about cybersecurity and data protection regulations, such as the upcoming GDPR, get in touch with Redstor today.

Why you need to backup your QuickBooks data

In a recent LinkedIn poll, Redstor asked our followers if they had heard of QuickBooks, and 90% responded that it is a very popular type of accounting software.

 

Continue reading

Cyber-attack on The Works is a warning to others

The recent cyber-attack on discount retailer The Works, emphasises the need for organisations of all sizes to invest in ransomware prevention measures.

Continue reading

Redstor Appoints Channel Leader Mike Hanauer as CRO to Spearhead Global Sales Expansion

Reading, April 28, 2022 – Redstor, the cloud-first backup platform of choice for MSPs, today announced the appointment of accomplished channel sales executive Mike Hanauer in a newly created role of Chief Revenue Officer (CRO). Known across the market for his revenue-generating successes with top data protection, recovery and security companies, Hanauer will spearhead global expansion plans for Redstor’s category-leading SaaS platform.

Continue reading

Download The Ultimate MSP Growth Guide

  • This field is for validation purposes and should be left unchanged.