Indian authorities have made their stance about cryptocurrency clear, with the Reserve Bank of India banning crypto financial institutions from dealing with crypto businesses.
The government claims that cryptocurrencies are nothing more than Ponzi schemes, and thus that Bitcoin and altcoins cannot be declared as real currency.
However, new research has revealed that the government may be among the many institutions that have inadvertently supported crypto via illegal mining.
According to a publication by Economic Times India, hackers have been using government websites to silently mine cryptocurrencies.
The hackers, as reported by the site, have for a long time employed cryptojacking malware to mine digital currencies without the knowledge of government officials.
Illegal mining on popular government website
Cryptojacking involves the use of a software program that allows an attacker to access and take control of another user’s website or device. The malicious code, instead of being used to steal data, instead borrows the computing power of the infected machine or site to mine cryptocurrency.
All these happen silently in the background and without the victim’s knowledge.
Among the thousands of websites hit by malware scripts in India are those of the director of Andhra Pradesh municipality, as well as at Tirupati Municipal Corporation, and the Macherla municipality.
The latest findings corroborate earlier reports that had revealed an attack on the website under the Union Minister’s control. India’s state of Bihar minister Ravi Shankar Prasad had his website hacked, and its computing power used to mine Monero (XMR).
Research conducted by security experts in the country found that government websites are particularly susceptible due to their high traffic and higher public trust.
The three websites above are sub-domains of the ap.gov domain that sees over 1.6 million visitors every month.
One of the experts, Indrajeet Bhuyan said that government institutions have been and will continue to be at risk of being hacked. However, unlike in previous instances, the new trend seems to be cryptojacking due to the added incentive of making money from the mined digital assets.
High-volume traffic on some illegal streaming websites is also said to attract crypto mining malware and has seen the number of incidents increase alarmingly over the last few months.
The authorities are aware of this matter, including JA Chowdary, the IT advisor to Andhra Pradesh Chief Minister.
Although the researchers’ findings were acknowledged on September 10, the affected websites still ran the malware scripts more than four days later.
Even the public sector isn’t spared
According to PublicWWW, cryptojackers have not spared the private sector. The source-code search engine listed well over 100 corporate entities whose websites are affected by mining malware. Monero appears to be the preferable altcoin mined through these scripts.
In April, Aditya Birla Group, one of the largest multinational companies in India, was hit by malware.
The malicious code affected over 2,000 computers belonging to its subsidiaries. And like in many other cases, the preferred crypto for mining was Monero (XMR).
Cryptojacking is a global problem and is likely to gather momentum as cryptocurrency use becomes more widespread and hackers look to exploit vulnerabilities.
Hackers have infected over 50,000 websites around the world with crypto-jacking malware, with the most popular script used being Coinhive. While a few have attempted to mine other virtual currencies, the easiest and most appealing is Monero.
XMR’s privacy and untraceability make it ideal for hackers who leverage these features to hide their coins, drawing increased scrutiny from law enforcement for the altcoin and its users.