Hackers Using Cryptojacking Malware To Make A Fortune From Indian Govt. Websites

Though India is against cryptocurrency, the country’s government websites are inadvertently helping hackers making a killing off of their websites.

Government websites including Tirupati Municipal Corporation, director of municipal administration of Andhra Pradesh and Macherla Municipality are among the hundreds of Indian sites being targeted to mine cryptocurrencies.

A cryptojacking malware is an unauthorised use of someone else’s computer for mining cryptocurrencies. Hackers are getting users to click on a malicious link in their email list that loads crypto mining or they infect a website with a JavaScript code that mines cryptocurrencies by using up a visitor’s computing power without their consent.

The security researcher Indrajeet Bhuyan said, “Hackers target government websites for mining cryptocurrency because those websites get high traffic, and most people trust them. Earlier, we saw a lot of government websites getting hacked. Now, injecting cryptojackers is more fashionable as the hackers can make money.”

The susceptibilities on the AP government websites were the first to be identified by a team of Guwahati-based security researchers involving Anish Sarma, Shakil Ahmed and Bhuyan. The three sites are subdomains of ap.gov.in that’s one of the most popular websites with over 1.6 lakh visits per month globally.

Apart from the government websites, the cryptojacking malware that mines cryptocurrencies has also been affecting and spreading the enterprise systems. Buyan with his team ran a software script on the homepages of over 4,000 websites from the goidirectory.nic.in for identifying cryptojacking codes. A number of them had already been taken down without him reaching out to them.

Cryptojacking malware grew globally from impacting 13% of all organizations in Q4 of 2017 to 28% of organizations in Q1 of 2018, more than twice of its footprint according to a recent report by Fortinet. A prior search in Shodan.io, the search engine for the internet-connected devices, stated that India ranked 2nd after Brazil with over 13,500 home routers getting affected by cryptojacking software.