Thousands of websites around the world have been targeted by a malware attack which forces visitors’ computers to mine cryptocurrency.
The websites of NHS services, the Student Loans Company and several English councils are among those which were targeted.
Coinhive software was inserted into code of the websites through BrowseAloud, a plugin designed to improve the browsing experience for blind and partially-sighted people. The website of Texthelp, which operates BrowseAloud, has been taken down while it attempts to fix the problem.
Coinhive uses the processing power of a visitor’s computer to mine the cryptocurrency Monero.
The website of the Information Commissioner’s Office, the UK’s data protection watchdog, was taken down on Sunday night after it was also infected by the malware.
More than 4,000 websites have been infected – the full list is here – including that of the US courts system.
The National Cyber Security Centre is investigating the incident. A statement on its website read: “NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency.
“The affected service has been taken offline, largely mitigating the issue. Government websites continue to operate securely.
“At this stage there is nothing to suggest that members of the public are at risk.”
The alarm was raised by IT security consultant Scott Helme after his friend’s antivirus software picked up an alert while visiting a UK government website.
Helme told Sky News: “This type of attack isn’t new – but this is the biggest I’ve seen. A single company being hacked has meant thousands of sites impacted across the UK, Ireland and the United States.
“Someone just messaged me to say their local government website in Australia is using the software as well.”