More than four thousand sites, including government and university portals in the United Kingdom, Australia, and the United States, are compromised with a mining code.

A hidden Coinhive miner was embedded into the Browsealoud plugin, designed by Texthelp as a screen reader for people with vision impairment or literacy problems. The code secretly uses the website visitor's processing power to mine a digital currency called Monero.

Secret mining lasted for at least several hours on 12 February. A total of 4,200 sites were affected, including the resources of the National Health Service of the United Kingdom (NHS), the sites of the Financial Ombudsman Service, the City University of New York, the US Judicial Portal and a number of government sites in Australia and the United Kingdom with the extensions and

According to a preliminary investigation, the Javascript code of the miner was added to the plugin code between 03.00 and 11.45 UTC. Visitors' processing power was used only when the page was open in the browser and ended after a visitor left the page. In many cases, Coinhive was blocked by antivirus software and ad blockers.

The affected plugin was temporarily removed from the network in order to eliminate the problem and improve security, said an official representative of Texthelp.

Currently, all websites are working in normal mode. According to Texthelp, the incident did not lead to personal data leaks or theft of any other information.