Hackers targeted government websites in India with malware to conduct illegal mining cryptocurrency operations .
The Government of India has a controversial relationship with cryptocurrency. Currently, the country's Supreme Court is working to issue a ruling on the ongoing dispute between the stock exchanges and the Reserve Bank of India (RBI), which has ordered that all banks and financial institutions do not have a relationship with cryptocurrencies or merchants. Yet the government is an active participant, albeit unconscious, in the extraction of cryptocurrencies, although this situation has only recently come to light.
Hacked government websites
Shakil Ahmed, Anish Sarma and Indrajeet Bhuyan are three security researchers who have combed through government websites. They found that hundreds of government websites in India have been compromised with cryptographic malware and are being used to encrypt the extraction.
Research has begun with the AP government websites due to the fact that they receive 1.6 million visitors a month. Indrajeet Bhuyan, security researcher, observes:
Hackers are targeting government cryptocurrency websites because these sites receive high traffic and most people trust them. Previously, we saw a lot of government Web sites that were being defaced (hacked). Now, the injection of cryptojackers is more fashionable as the hacker can make money.
Security researchers have informed a head of government of their findings. Yet they found that the sites were still running malware a week later.
Cryptojacking in India
The team of researchers found that cryptographic malware affected more than government websites. In addition, more than 119 public websites have been compromised. A popular choice for malware is Coinhive, which is normally used to extract Monero.
In fact, cryptojacking is becoming so widespread that India comes second in countries with Internet-connected devices that are hijacked to illegally encrypt. The country, with its 13,500 infected domestic routers, is lagging behind Brazil due to the dubious distinction.
Rajesh Maurya, regional vice president of Fortinet, states:
Crypto mining is becoming a very large business in India. This technology is the most effective on illegal video-streaming sites where people stay for hours watching movies or TV series.
Fortinet recently published a report that found that cryptography is an expanding business. They found that 13% of all organizations in the fourth quarter of 2013 were infected with cryptojacking malware. The percentage rose to 28% of companies in the first quarter of 2018.
One would expect cryptographic malware to stay here. While Google and other app stores have banned apps that have any kind of cryptocurrency mining, cryptojacking is likely to continue to rise. Hackers can easily transfer the script to websites and start generating revenue that is instantly transferred anywhere in the world. Such ease of use, profits and absence of real consequences will ensure that such hacking will not stop, or even slow down, at any time.
Have you ever been a victim of cryptographic malware? Let us know in the comments below .
Images courtesy of Shutterstock.