A security researcher discovered a handful of government websites in the US, UK and Australia had been compromised on Sunday by malware aiming to take control of visitors' computers to mine cryptocurrency.
Researcher Scott Helme reported over 4,000 websites, including the UK Information Commissioner's Office (ICO), the General Medical Council and some NHS websites, were affected by the problem.
Helme traced the issue back to a plugin called Browsealoud, which allows blind and partially sighted people to access the internet. A program called Coinhive, which mines monero -- a rival to bitcoin -- was added to the plugin. Texthelp, the company that makes Browsealoud, released a statement saying the exploit was active for a period of four hours on Sunday, and even though it has now been fixed, the plugin will remain offline until Tuesday. A number of websites, including the ICO, also remain offline.
Software that mines cryptocurrency isn't illegal in its own right, but malware that installs such software without the consent of website owners is fraudulent. An investigation to try to uncover the perpetrator is now underway, and technical experts are examining data from the incident, said a spokesperson for the National Cyber Security Centre in a statement.
"The affected service has been taken offline, largely mitigating the issue. Government websites continue to operate securely," said the spokesperson. "At this stage there is nothing to suggest that members of the public are at risk."