At first glance a CoinHive crypto miner being serviced by a website whose URL contains the string’ ICO’ might not seem so strange.
But when you know that ICO in this case stands for the UK’s Information Commissioner’s Office — aka the national personal data protection and privacy watchdog, whose URL( https :// ico.org.uk) predates both Bitcoin and the present hysterium for token auctions — well, the extent of the cryptojacking insurance snafu quickly becomes apparent.
Nor is the ICO the only website or authority website caught performing cryptocurrency mining malware to visitors on every sheet they inspected. Thousands of places were settlement via the same plugin.
Helme marked the source of the infection to an accessibility plugin, called Browsealoud, created by a UK company announced Texthelp.
The web screen reader software was being used on composes of UK government websites — but too further afield, including on authority websites in the US and Australia.