Over the weekend, a little piece of malware was hard at work mining cryptocurrency on government computers. Security researcher Scott Helme first noticed the malware, which he believes was running on more than 4,000 sites, including the U.K.’s Information Commissioner’s Office (ico.org.uk) and the website for the American court system (uscourts.gov).
The malware leveraged the victims’ devices to generate the cryptocurrency Monero by performing complex, CPU-intensive calculations, a mathematical process known as “mining” that’s used to create some cryptocurrencies.
On Sunday, the U.K.’s National Cyber Security Centre issued a statement that it was “examining data involving incidents of malware being used to illegally mine cryptocurrency.”
In a report last month, cybersecurity firm CrowdStrike highlighted the rise of cryptocurrency mining, a relatively new flavor of attack.
“In recent months, CrowdStrike has noticed an uptick in cyberattacks focused on cryptocurrency-mining malware that takes advantage of available CPU cycles, without authorization, to make money,” the firm wrote, noting that it “expects to see much more” of this activity moving through 2018.
Still, as Helme points out, things could have been a lot worse. A similar hack could have compromised government credentials or stolen identities instead of mining Monero.