The Strategist

Expert: the issue with Browsealoud software could become a real disaster for all of us

02/20/2018 - 14:49

Thousands of government websites in the US, Britain and Canada were threatened. Attackers could take advantage of a vulnerability in a popular plug-in and gain access to the computers of all visitors.

Brian Katt
A large-scale cyber-attack took place last weekend, when hackers infected over 4 thousand sites around the world. Among the affected web resources were large government portals of the United States, Britain, Canada and Australia, including websites of the British National Health Service and several American courts and ministries.

The criminals decided to use the virus for mining. As it became known on Wednesday, the game was not worth the candle: the hackers could earn only $24. However, had the hackers been a little more imaginative, it could all have ended in disaster.

As Scott Helme, a researcher who first discovered the cyberattack, wrote in his blog, it is not necessary to manually infect over a thousand sites. It's enough to crack one resource that all potential victims use.

The intruders used exactly this trick. The source of the attack was a WordPress plugin called Browsealoud, which several thousand websites use to help visually impaired people. At the time of this writing, the plugin is no longer available for download; it was blocked on February 11, the day the cyber-attack began.

The hackers uploaded malicious JavaScript code to the computers of visitors to the affected sites. As Helme notes, the scammers had the opportunity to do anything: install keyloggers that would record keystrokes, or run an eraser virus that would remove all personal data. "The only limitation in this case is the imagination of hackers," the expert added.

However, they chose the most popular option: infecting the system with a miner virus that extracts the Monero cryptocurrency.

"It could be a real disaster, seriously, it's not a training alarm," Helme told Motherboard. "We were all very fortunate that we got off so easily, and the attack was quickly discovered."

Be that as it may, the hackers' idea of cashing in on cryptocurrency did not pay off. Despite the large scale of the hack, the scammers' financial gain was very modest.

According to the Coinhive mining service, which the criminals used, they managed to earn $24. Representatives of Coinhive stressed that they did not pay the "earned" amount to the attackers.

Recently, the media have reported many cases of illegal cryptocurrency mining using the resources of users' computers. For example, there was a so-called successor to the WannaCry virus, called WannaMine: it penetrated the user's computer and began secretly mining cryptocurrency, overloading the processor.