Criminals who take advantage of people with vision problems and well-meaning businesses are about as low as anyone can sink. The latest advisory from Stay Smart Online today tells how thousands of websites around the world which use a plugin ‘Browsealoud’ were attacked. The plugin adds speech, reading, and translation to websites facilitating access and participation for people with dyslexia, low Literacy, English as a Second Language (ESL), and those with mild visual impairments.

Over 4,200 sites, including a large number of U.S., U.K. and Australian government sites, were infected by a malicious version of Browsealoud, which caused cryptomining to run on the computers which visited the infected websites and ran the plugin, generating Monero cryptocurrency using the resources of the secondary target computers, that is, those owned by innocent people who needed the assistance of the plugin. The criminals gained financially by using the computing power of users’ PCs to generate cryptocurrency.

This technology was compromised by altering Browsealoud’s source code to silently inject Coinhive’s Monero miner into every webpage offering Browsealoud. The additional code was obfuscated or hidden by converting the ASCII (human readable) instruction to connect to Coinhive’s JavaScript miner to hexadecimal in an attempt to hide it.

Texthelp, the developers of Browsealoud, have taken action and removed the Java®-based software while investigating the issue.

The Java cryptomining software is only active while browsing on an infected machine which has visited an infected web server. As soon as the web browser is closed, the software ceases to operate.

This particular attack no longer exists, but it shows the vulnerability of our free and open internet system, and the necessity of ensuring that our computer software and anti-virus is kept up to date and that your Chief Information Security Officer is aware of current issues.

There are methods we discuss on EC-Council’s Certified Ethical Hacker and Certified Network Defender courses to let web administrators know when any changes have occurred on their websites so that they would be aware that modifications have been made to their web software, that they may have been attacked and thus take action accordingly. For more information, check out our EC-Council course schedule.

References: Stay Smart Online The Register Reuters

Stay safe, Terry Griffin

Principal Technologist: Security



Feature Articles


eBook
Drive Innovation with IT Service Management Training
11 December 2023
Blog
How did your incident management plan stand up to the CrowdStrike outage?
By Gary Duffield | 23 July 2024
eBook
Get your teams up-to-speed with ITIL® 4
22 May 2024
eBook
Elevate your business and career to new heights
22 May 2024
Blog
Transforming Your Business and Workforce with Microsoft AI Training
By Leif Pedersen | 30 July 2024
Blog
How to improve your AWS AI skills with Lumify Work training options
By Leif Pedersen | 3 July 2024
Blog
The Philippines' National Cyber Security Plan 2023-2028: Roadmap to Cyberspace Resilience
By Justin Luna | 28 August 2024
Blog
2024-2025 Government Budget: Focusing investment in cyber security skilling
By Jeremy Daly | 1 July 2024
Read