Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Tuesday February 13 2018, @12:51PM   Printer-friendly
from the plosives-galore dept.

Submitted via IRC for Bytram

Thousands of websites around the world – from the UK's NHS and ICO to the US government's court system – were today secretly mining crypto-coins on netizens' web browsers for miscreants unknown.

The affected sites all use a fairly popular plugin called Browsealoud, made by Brit biz Texthelp, which reads out webpages for blind or partially sighted people.

This technology was compromised in some way – either by hackers or rogue insiders altering Browsealoud's source code – to silently inject Coinhive's Monero miner into every webpage offering Browsealoud.

For several hours today, anyone who visited a site that embedded Browsealoud inadvertently ran this hidden mining code on their computer, generating money for the miscreants behind the caper.

Source: https://www.theregister.co.uk/2018/02/11/browsealoud_compromised_coinhive/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Tuesday February 13 2018, @03:39PM (1 child)

    by Anonymous Coward on Tuesday February 13 2018, @03:39PM (#637144)

    They're full programs which execute arbitrary code on your computer which is typically outside the control of the site operator, so how much you trust the site is irrelevant.

    It's time we stopped collectively pretending they're just documents, admitted they're programs, and took some sane security precautions like blocking internet access by default.

    Just because idiocy is grandfathered in doesn't mean we have to live with it, disable JS, disable web access, and boycott shitty programs which require an always-on unfiltered internet connection to function. Treat them and their absurd demands no differently to a normal program making those same demands.

  • (Score: 2) by bob_super on Tuesday February 13 2018, @06:06PM

    by bob_super (1357) on Tuesday February 13 2018, @06:06PM (#637208)

    Browsing websites without NoScript is like visiting the street ladies without wearing rubbers. You will eventually catch something unpleasant.

    Yes, it's often inconvenient, but unlike sex with condoms, NoScript browsing is often a more pleasurable experience.