The Information Commissioner’s Office (ICO) has taken down its website after a warning that hackers were taking control of visitors’ computers to mine cryptocurrency.
Security researcher Scott Helme said more than 4,000 websites, including many government ones, were affected.
He said that the affected code was now disabled, and the visitors were most at risk.
The ICO said: “We are aware of the problem and are working to resolve it.”
Mr Helme said that he was advised by a friend who had received a malware warning when he visited the ICO website.
He traced the problem to a website plug-in called Software, which is used to help blind and partially sighted people access the web.
Texthelp, the company that produces the plug-in, has confirmed that the product was affected for four hours by malicious code designed to generate cryptocurrency.
The cryptocurrency involved was Monero – a rival to Bitcoin that is designed to make transactions “untraceable” back to the senders and recipients involved.
The plug-in had been tampered with to add a program, Coinhive, that “mines” for Monero by running processor-intensive calculations on a visitor’s computer.
Once the plug-in had been infected, it affected thousands of other websites in addition to the ICO’s, which also used it.
By Rory Cellan-Jones, BBC technology correspondent
The increase in the value of Bitcoin and other cryptocurrencies has not escaped the attention of hackers looking to make a quick buck.
Mining, the process in which new digital coins are created by solving complex mathematical problems, uses a large amount of computer processing power, and that means big electricity bills.
So much better, then, if you can get other people’s computers to do the job. Hackers do this by placing software on websites, which means that, unbeknownst to the visitors, their computers are put to work mining cryptocurrencies.
It seems that the Information Commissioner’s website, together with others managed by the government, has been infected by crypto-mining code injected into some of the accessibility software they all use.
This type of attack has become increasingly common, and while it does not seem to cause loss of data or damage to systems, it means that the computer can run much more slowly.
Mr Helme said: “It is a very lucrative proposal. Infect a website and it infects approximately 5000.
“This was a very serious infringement. They could have extracted personal data, stolen information or installed malware. It was only limited by the hackers’ imagination.”
As well as the ICO website, the hacked script was found running on the websites of the Student Loans Company, Barnsley Hospital and other websites in the United Kingdom and around the world.
Martin McKay, chief technical officer at Texthelp, said: “In the light of recent cyber attacks around the world, we have been preparing for an incident for the last year, and our data security action plan was actioned immediately.”
The company is commissioning a security check by an independent consultancy after the attack, he said.
Because the malware only runs when someone is actively visiting an infected site, there is an additional risk for computer users, Mr Helme added.
A National Cyber Security Centre spokesman said: “NCSC technical experts are examining the data involving incidents of malware used to illegally mine cryptocurrency.
“The service in question was taken offline, largely to mitigate the problem. Government web sites will continue to operate in a safe manner.
“At this stage there is nothing to suggest that members of the public are at risk.”