Cryptojacking Scripts Are Discovered On Indian Government Websites
According to the results of the security investigation, programs for illegal mining have been identified on the websites of Indian municipalities, The Economic Times reports.
Security experts Shakil Ahmed, Anisha Sarma, and Indrajeet Bhuyan found three damaged websites of the governing bodies, namely, Andhra Pradesh, Tirupati Municipal Corporation, and Macherla municipality. In particular, the government websites are on the list of hundreds of Indian websites used for the hidden crypto mining. These websites use the ap.gov.in subdomain, which is considered one of the most popular in terms of attendance in the country with more than 160,000 clicks per month.
Cryptojacking is an illegal method of crypto mining using a virus program that allows unauthorized use of the computing power of someone else's computer. In the case of Indian municipal websites, users clicked on a link sent by hackers in an email, after which the code for mining the digital currency was downloaded on the PC.
According to the researcher from the security group Indrajeet Bhuyan, the cybercriminals intentionally use the websites of the government for their own purposes since such resources have rather big traffic and visitors rely mostly on governmental websites.
Security experts discovered websites susceptible to the malicious code on September 10, after which they immediately reported this to the IT consultant of the Andhra Pradesh province chief minister. However, as of September 16, cryptojacking continued to damage the websites of municipal authorities.
As previously reported, the tourist portal CheapAir.com received an anonymous threat from crypto scammers, demanding $10,000 in bitcoins.