Hackers have hijacked thousands of government websites to help them to stockpile cryptocurrencies such as Bitcoin.
Websites, including those belonging to the Information Commissioner’s Office, Student Loans Company and Scottish NHS helpline, were infected with a virus.
As a result unsuspecting visitors have had their computers and phones commandeered to help criminals make more money. Up to 4,700 websites have been affected worldwide.
The cyber criminals planted a virus called Coinhive in software used by the websites to help visually impaired users access the websites. And when users clicked on the sites the virus was transferred to their own computers.
The hackers then used the extra processing power provided by users’ devices to ‘mine’ cryptocurrencies such as Bitcoin.
Mining is the process where new digital coins are created by solving complex mathematical problems, uses increasing amounts of computer processing power.
Once the virtual coins are mined they can be stored online and later withdrawn as real money. Since the cryptocurrency’s creation the value of one Bitcoin has soared from just 72p to £12,300.
Scott Helme, the security researcher who first spotted the hack, said of the attack: ‘It means unsuspecting visitors to those websites have their devices – whether it be a phone, tablet or computer – also hacked.
‘Essentially unsuspecting people are now helping the bad guy.
‘Their devices may get slower as they are being used to mine cryptocurrencies. But the worst part is they are essentially working for a criminal gang.’ It is unclear whether the hack was orchestrated by a lone wolf or criminal group.
The hack comes less than a year after the ‘Wannacry’ cyber attack that disrupted computers belonging to more than a third of NHS trusts.
A spokesman for the National Cyber Security Centre (NCSC) –said: ‘NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency.
‘The affected service has been taken offline, largely mitigating the issue. At this stage there is nothing to suggest that members of the public are at risk.’