It seems that potentially thousands of websites run by U.S. and UK government agencies were infected Sunday with malware that caused visitors to secretly mine cryptocurrency. Government websites are already known for being slow and having horrible out-dated web design standards, and now they are embedded with crypto-mining malware that slows things down even more.
This exploit was made possible by outdated accessibility software. The software in question is Browsealoud from British software maker Texthelp, which reads out websites for people with vision problems. Outdated versions of the software can be exploited by a vulnerability in the way the software dials home to the text-to-speech server.
According to reports more than 4200 websites have been infected because of this exploit. Texthelp is reaching out to all of its customers to update to the latest version of their software.