Official government websites have become a primary target for cryptojacking in India, The Economic Times (ET) reports today, 17 September.
Cryptojacking is the practice of infecting a target with malware that uses the processing power of a computer to extract cryptocurrencies without the consent or knowledge of the owner.
New research by computer security analysts reveals that widely trusted government websites – including those of Andhra Pradesh's municipal administration director, Tirupati Municipal Corporation and Macherla city hall – have become the last to be exploited by practice .
Security researcher Indrajeet Bhuyan told ET that:
"Hackers are targeting government cryptocurrency websites because these sites receive high traffic and most people trust them. saw a lot of government websites being defaced (hacked) Now, the injection of cryptojackers is more fashionable as the hacker can make money. "
According to the Times, security researchers Guwahati Shakil Ahmed, Anish Sarma and Bhuyan were the first to identify vulnerabilities on AP government websites, all of which are subdomains of the very famous ap.gov.in – which is reported to receive over 160,000 visits a month.
According to ET, "shouting" seems widespread in corporate and government systems, with PublicWWW listing over 119 Indian websites that run Coinhive code – a script created to extract Monero (XMR) via a web browser.
ET cites a recent Fortinet report suggesting that cryptojacking more than doubled between Q4 and 2018 in the first quarter of 2017, with a proportion of interested businesses increasing from 13 to 28 percent.
Rajesh Maurya of Fortinet told ET that cryptojacking generates revenue "with a fraction of the effort and attention caused by ransomware", emphasizing that illegal video-strs eaming websites are a particularly lucrative target, since the script can use multiple CPU cycles to extract encryption while users watch movies or TV series.
ET also points out that the Internet of Things (IoT) products are considered by the security experts "The next frontier" for cryptojackers, given that such devices have a high processing power and yet may remain inactive for much longer. part of the day. ET research on the search engine focused on Io Shodan.io found that over 13,500 domestic routers in India were infected with cryptojacking malware – a figure that was globally exceeded by Brazil.
As previously reported, a search this summer by a computer security company McAfee Labs revealed that malware encryption activity increased by 629 percent in 2018 in the first quarter.