Thousands of websites, including ones run by U.S. and UK government agencies, were infected for several hours on Sunday with code that causes web browsers to secretly mine digital currencies, technology news site The Register reported.
Websites such as the UK’s NHS and ICO to the US government’s court system were just some of the 4,200 sites infected with a malicious version of a widely used tool known as Browsealoud from British software maker Texthelp, which reads out webpages for people with vision problems.
For several hours yesterday, anyone who visited a site that embedded Browsealoud inadvertently ran this hidden mining code on their computer, generating money for the miscreants behind the caper, according to The Register.
The news comes amid a surge of these types of cyber-attacks, and the prevalence of these schemes has increased in recent months as the volume of trading in bitcoin and other cryptocurrencies has risen.
Representatives of the U.S. and British law enforcement agencies and Texthelp could not immediately be reached for comment.
Texthelp told The Register that it had shut down the operation by disabling Browsealoud while its engineering team investigated.