UK government sites infected with a cryptominer (opens in new tab)

(twitter.com)

23 pointsflother8y ago6 comments

6 comments

6 comments · 3 top-level

pell8y ago· 3 in thread

Are these miners effective enough? I guess, at scale they should have some value but my initial gut feeling would lead me to believe that even a huge botnet can hardly compete with dedicated hardware.

takluyver8y ago

Some cryptocurrency algorithms are designed to be less amenable to acceleration with special hardware, so that CPU mining remains effective. Monero, the one involved in this case, appears to be one such.

tomxor8y ago

They are effective enough at creating a poor user experience, eating all the users CPU without their permission in exchange for government provided text and wasting energy.

notspanishflu8y ago

Whoever setting a cryptominer like that doesn't have to pay dedicated hardware or the electric bill, and as you know nothing can beat gratis-free.

raesene98y ago

The use of 3rd Party JavaScript is endemic in websites these days, so not a big surprise that attackers are targeting them, given they've got an application (cryptomining) that can generate a revenue stream.

Unfortunately a lot of companies don't really seem to realise that when they include 3rd party JS they're implicitly trusting the security of that third party. I'd imagine many don't do much in the way of due diligence before including the scripts.

As mentioned in Scott's related blog post (https://scotthelme.co.uk/protect-site-from-cyrptojacking-csp...) SRI is a decent at least partial defence against this kind of thing, but unfortunately it hasn't (in my experience) seem much in the way of takeup as yet.

notspanishflu8y ago

"Same attack as described here: https://labs.detectify.com/2017/07/13/a-deep-dive-into-aws-s... … it's scripts hosted in a S3-bucket without proper access controls"

Edit. Also see https://scotthelme.co.uk/protect-site-from-cyrptojacking-csp...

j / k navigate · click thread line to collapse