Official government websites have become a prime target for cryptojacking in India, according to research from local cybersecurity experts.
New research from cybersecurity analysts reportedly reveals that widely trusted government websites – including those of the director of the municipal administration of Andhra Pradesh, Tirupati Municipal Corporation and Macherla municipality – have become the latest to be exploited by the practice.
Security Researcher Indrajeet Bhuyan told ET that:
“Hackers target government websites for mining cryptocurrency because those websites get high traffic and mostly people trust them. Earlier, we saw a lot of government websites getting defaced (hacked). Now, injecting cryptojackers is more fashionable as the hacker can make money.”
According to the Times, Guwahati-based security researchers Shakil Ahmed, Anish Sarma and Bhuyan were the first to identify vulnerabilities on the AP government websites, all of which are subdomains of the extremely popular ap.gov.in – which is reported to receive over 160,000 visits per month.
According to the ET, crytojacking appears rife on enterprise as well as government systems, with PublicWWW listing over 119 Indian websites that run Coinhive code – a script created to mine Monero (XMR) via a web browser.
ET cites a recent Fortinet report that suggests cryptojacking has more than doubled between 2017 Q4 and 2018 Q1, with the percentage of affected enterprises rising from 13 to 28 percent.
Fortinet’s Rajesh Maurya told ET that cryptojacking generates revenue “with a fraction of the effort and attention caused by ransomware,” noting that illegal video-streaming websites are a particularly lucrative target, as the script can make use of multiple CPU cycles to mine crypto as users watch movies or TV series.
ET further reports that internet of things (IoT) products are considered by security experts to be “the next frontier” for cryptojackers, given that such devices have high processing power and yet may be idle for much of the day. ET’s search on IoT-focused search engine Shodan.io found that over 13,500 home routers in India were infected by cryptojacking malware – a figure that was only outflanked globally by Brazil.
As previously reported, a research this summer from cyber security firm McAfee Labs revealed that cryptojacking malware activity had risen a staggering 629 percent in 2018 Q1.