The website for the parliament of Victoria, and the Queensland government's legislation website, were among thousands of websites that fell victim to a cryptocurrency hack that hijacked their websites to use them to mine for cryptocurrency.
Information security blogger Scott Helme discovered the hack via the UK Information Commissioner's Office website on the weekend.
Ummm, so yeah, this is *bad*. I just had @phat_hobbit point out that @ICOnews has a cryptominer installed on their… https://t.co/m0Ds02IL5B
Tracking it back, he learnt that it wasn't the website itself that was compromised, but a script file loaded from Texthelp, specifically a tool that allows users to have websites read out to them.
In a blog post explaining the hack, Helme said that a script file hosted by Texthelp was altered to include the cryptocurrency miner, utilising users' browsers to generate cryptocurrency.
Cryptocurrency requires processing power in order to generate the currency by solving complex mathematical problems. The more processing power it has access to, such as via thousands of browsers on thousands of websites, the easier it is to generate cryptocurrency.
This meant that rather than having the crypto-miner on one website, it was loaded onto thousands of websites running the Texthelp application, including several Australian government websites such as the Queensland government's legislation page; the Victorian parliament website; the Queensland Department of Education's website; and several local council websites in Victoria and WA.
Hey @troyhunt, even you're hit down under...
The BrowseAloud service was taken offline on Monday by Texthelp, with the company stating in a blog post that the hacking was a criminal act and was being investigated.
"Texthelp can report that no customer data has been accessed or lost," the company said. "The company has examined the affected file thoroughly and can confirm that it did not redirect any data, it simply used the computers CPUs [central processing unit] to attempt to generate cryptocurrency."
The exploit was online for four hours in the early hours of Monday, during which time most Australians would have been asleep, and probably not accessing government websites.
BuzzFeed News has sought comment from the Queensland government, and the Australian Cyber Security Centre. The UK's National Cyber Security Centre is investigating the incident.