
Government websites hijacked by cryptomining plugin - ericdanielski
https://www.grahamcluley.com/government-websites-hijacked-cryptomining-plugin/0
======
Legogris
This illustrates the need of proper vetting of any CDNs you rely on, and
integrity-checking all external scripts.

The culprit here was BrowseAloud (ba.js), which had been hijacked to mine
Monero on visitors browsers.

Several Swedish government sites affected as well:
[https://kryptera.se/t/javascript-miner/](https://kryptera.se/t/javascript-
miner/)

Wired article: [http://www.wired.co.uk/article/browsealoud-ico-texthelp-
cryp...](http://www.wired.co.uk/article/browsealoud-ico-texthelp-cryptomining-
how-cryptomining-work)

