Websites run by the US and UK governments were secretly hijacked by attackers to mine cryptocurrency using a compromised plugin, Browsealoud.
Over 4,200 websites are in the victims list.
This plugin developed by a British firm is used to read out websites for people with visual impairments.
Source: https://wccftech.com/government-websites-hijacked-mine-monero/
TPRM report: https://scoringcyber.rankiteo.com/company/ce9uscourts
"id": "uni18395622",
"linkid": "ce9uscourts",
"type": "Cyber Attack",
"date": "02/2018",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'Public Sector',
'location': 'United States',
'name': 'US Government',
'type': 'Government'},
{'industry': 'Public Sector',
'location': 'United Kingdom',
'name': 'UK Government',
'type': 'Government'}],
'attack_vector': 'Compromised Plugin',
'description': 'Websites run by the US and UK governments were secretly '
'hijacked by attackers to mine cryptocurrency using a '
'compromised plugin, Browsealoud. Over 4,200 websites are in '
'the victims list. This plugin developed by a British firm is '
'used to read out websites for people with visual impairments.',
'impact': {'systems_affected': 'Over 4,200 websites'},
'initial_access_broker': {'entry_point': 'Browsealoud Plugin'},
'motivation': 'Financial Gain',
'title': 'Government Websites Hijacked to Mine Cryptocurrency',
'type': 'Cryptojacking',
'vulnerability_exploited': 'Browsealoud Plugin'}