The malware, which tricked the computers of visitors to the city’s official webpage into generating cryptocurrency without their knowledge, was detected and removed over the weekend.
Hackers recently hacked into the city of Oulu’s website in an attempt to mine cryptocurrency with the devices of people who visited the site, according to the city.
The hack was discovered over the weekend, according to the city’s IT security officer, Kari Nykanen.
“Our service provider scoured the sites’ servers and found the script,” Nykänen said, adding that the hackers’ code had been on the system for less than a day.
Cryptocurrency is digital or virtual money generated by computers and then traded between investors. The most well-known cryptocurrency is Bitcoin, but there are thousands of other varieties of virtual currency.
A lot of computing power as well as electricity is needed to create more cryptocurrency. In order to generate virtual currency efficiently and affordably, hackers are using a method – known as cryptojacking – to force victims’ computers to do so, according to internet security firm Kaspersky. (siirryt toiseen palveluun).
The code used in the Oulu city cryptojacking was to generate a cryptocurrency called Monero.
The malware was used through victims’ computers when they visited the city’s website, but was only active when the site was viewed, according to Nykänen.
“The malware was active as long as the site was viewed, but did not install anything on users’ computers,” he said, adding that the offending script had been removed and the city’s system was fully operational on Monday. .
The city became aware of the incident after Yle’s IT security team noticed suspicious traffic coming from the city-run site over the May Day weekend.
The origin and cause of the hack were still under investigation on Monday, according to Nykänen, who added that it may have been a security breach, but that was still unclear. .
Cryptojacking has been used for a few years now. In some cases, operators of shady websites install the mining scripts themselves, but legitimate websites can also be hacked for such purposes, according to Yle’s IT security manager, Kim Johanson.