Government websites were infected with the malware on Sunday after a browser plug-in made by a third-party was compromised.
Hackers used the same browser plug-in that the United Kingdom government was exposed with, Browsealoud, with the developers of the extension, Texthelp, confirming hackers infused crypto mining software Coinhive into their extension. Coinhive hijacks the processing power of a user's computer to mine the cryptocurrency Monero.
The BrowseAloud service was taken offline on Monday by Texthelp, with the company stating in a blog post that the hacking was a criminal act and was being investigated.
He said Browsealoud would remain offline for the next two days to allow the company to communicate the issue with its customers.
Security researcher Scott Helme discovered the hack when a pal mentioned getting antivirus alerts on a UK Government website. "There are easy ways to make sure they don't do that".
"But there were ways the government sites could have protected themselves from this".
Helme documented the attack on his website, while Texthelp said an investigation was under way.
"The attacker added malicious code to the file to use the browser CPU in an attempt to illegally generate cryptocurrency", said Texthelp.
The Queensland government's main site for its legislation has been hijacked, as have websites belonging to the likes of Queensland Urban Utilities, the Victorian parliament, and South Australia's City of Unley.
"Texthelp can report that no customer data has been accessed or lost".
In December The Guardian reported that almost 1 billion visitors to the video sites Openload, Streamango, Rapidvideo and OnlineVideoConverter were also being crypto-jacked.
The exploit was online for four hours in the early hours of Monday, during which time most Australians would have been asleep, and probably not accessing government websites.