Following news that The Information Commissioner’s Office (ICO) took down its website after a warning that hackers were taking control of visitors’ computers to mine cryptocurrency. Fabian Libeau, VP at RiskIQ commented below.
Fabian Libeau, VP at RiskIQ:
“We are seeing threat actors around the world exploiting what is already a hostile currency in a lawless digital world. Threat actors hack vulnerable sites or spin up fake, illegitimate websites to siphon money off of major brands, often with typosquatting domains and fraudulent branding. By leveraging domains or subdomains that appear to belong to major brands, these actors trick people into visiting their sites running cryptocurrency mining scripts to monetise their content. When we looked at domains running the cryptocurrency mining script Coinhive, we found many examples of typosquatting and domain infringement.
Unfortunately, security teams lack visibility into all of the ways that they can be attacked externally, and struggle to understand what belongs to their organisation, how it’s connected to the rest of their asset inventory, and what potential vulnerabilities are exposed to compromise. In the case of scripts like Coinhive, it means being able to inventory all the third party code running on your web assets, and being able to detect instances of threat actors leveraging your brand on their illegitimate sites around the internet. Digital threat management software can help companies get covered by continuously discovering an inventory of your externally-facing digital assets and managing risks across your attack surface.”