Cryptojacking Attack Hits Government Sites In India

Crime, News | September 17, 2018 By:

Government websites in India are being used by hackers to mine for cryptocurrencies, according to the Economic Times (ET).

Citing new research from cybersecurity analysts, ET reported that several high-traffic websites of the Indian government, including those of the director of the municipal administration of Andhra Pradesh (AP), Tirupati Municipal Corporation and Macherla municipality, have been infected with crypto mining malware, designed to steal visitors’ computing power to earn cyptocurrencies.

“Hackers are now targeting government websites for mining cryptocurrency as those websites get high traffic and mostly people trust them,” said Security Researcher Indrajeet Bhuyan. “Earlier we saw a lot of government websites getting defaced but now injecting cryptojackers are trending as it makes money for the hacker.”

The malware was first discovered by a group of Guwahati-based security researchers Shakil Ahmed, Anish Sarma and Indrajeet Bhuyan. The group reportedly identified the vulnerabilities of the AP government websites, which are subdomains of ap.gov.in, one of the most popular websites globally with over 160,000 visits per month.

Besides government websites, a total of 119 Indian websites have also been infected by a Coinhive code – a script created to mine Monero via a web browser.

According to recent Fortinet report, the cryptojacking malware has grown to impact 13% of websites in the fourth quarter of 2017 to 28% in the first quarter of 2018. Rajesh Maurya, regional vice-president at Fortinet, told ET that cryptojackers who manage to develop and maintain a network of hijacked computer systems are able to generate revenue with a fraction of the effort and attention caused by ransomware.

“Crypto mining activity is becoming a very big business in India,” said Maurya. “This technology is most effective on illegal video-streaming websites where people stay for hours watching movies or TV series.”