Browsealoud Texthelp Compromised During Cyber Attack

At 11:14 am GMT on Sunday 11th February 2018, a JavaScript file which is part of the Texthelp Browsealoud product was compromised during a cyber attack. The attacker added malicious code to the file to use the browser CPU in an attempt to illegally generate cryptocurrency. This was a criminal act and a thorough investigation is currently underway.

Texthelp can report that no customer data has been accessed or lost. The company has examined the affected file thoroughly and can confirm that it did not redirect any data, it simply used the computers CPUs to attempt to generate cryptocurrency. The exploit was active for a period of four hours on Sunday.

The Browsealoud service has been temporarily taken offline and the security breach has already been addressed, however Browsealoud will remain offline until Tuesday 12:00 GMT. This is to allow time for Texthelp customers to learn about the issue and the company’s response plan.

Security researcher Scott Helme flagged the issue via Twitter yesterday, having been initially alerted by another security professional, Ian Trump. Scott Helme traced the source of the infection to an accessibility plugin, called Browsealoud, created by a UK company called Texthelp.

It is estimated that more than 4,200 sites were infected.