Hackers stole the processing power of several Indian government websites to mine cryptocurrencies, researchers found.
They seem to have done the same to many of these government websites mainly because they have high traffic volume, found Indrajeet Bhuyan, one of the security researchers behind the revelation.
“Hackers target government websites for mining cryptocurrency because those websites get high traffic and most people trust them,” he stated. “Earlier, we saw a lot of government websites getting defaced. Now, injecting crypto-jackers is more fashionable as the hacker can make money.”
An effort from Indian media to speak to JA Chowdary, the IT advisor to AP’s Chief Minister, yielded a one-liner response from him.
“Thanks for notifying us about the AP website hacking,” it said.
However, nothing concrete has been done to fix the issue. The malware code continues to run on AP’s public portals. CCN.com’s recent efforts to reach their websites also met with a downtime error.
Hackers are inclined to use cryptojacking as their prime tool to earn money illegally, for it doesn’t require significant technical skills. The darknet sells cryptojacking kits for a mere $30, finds a Digital Shadows report. It is a cheaper alternative to a much more complex ransomware attack, meaning more money for less risk.
Nevertheless, cryptojacking continues to be a poor man’s choice for its inability to bring in any substantial earning.
“With a hash rate of 80 H/s and CoinHive’s payout ratio, a miner earns about 5.8 USD per day and website on average, which supports our observation that web-based cryptojacking currently provides limited profits only,” states a report by the Braunschweig University of Technology.
Less risk also means less money!
Featured image from Shutterstock.