Tech 14 February 2018Vince Dioquino
Water utility hit by crypto mining malware
Radiflow, a security firm specializing in SCADA (supervisory control and data acquisition) servers, has reported an attack on the network of a water utility provider based in Europe. The disclosure established a precedent in industrial-scale data control systems and critical infrastructures, given the nature and intent of its execution: cryptocurrency mining.
“This is the first instance of such a cryptocurrency miner that we have seen in an industrial site,” said Radiflow CEO Ilan Barda. Often labelled as “cryptojacking,” attacks such as these have been growing in number in relation to the hyperactive markets that cryptocurrencies have fueled since their inception almost a decade ago.
“We found malware on the utility’s server that was mining Monero cryptocurrency,” said Yehonatan Kfir, CTO at Radiflow.
The CTO explained that Radiflow’s disclosure is only an initial assessment, as the investigation is still ongoing. Thus far, the investigation has determined that the mining software has been installed into the water utility’s network protocols for over three weeks before it was identified and mitigated. As a matter of protocol, Radiflow has not disclosed any particular facility’s location, only revealing that’s somewhere in Europe.
While inconclusive, the disclosure speculates that the malware was likely acquired through an advertising site or element. This speculation is supported by logs showing that the first contact with the infection was through an HMI (Human Machine Interface) running an old operating system. Limited evidence suggests that the cryptocurrency malware wasn’t able to get past the initial point of infection. Kfir notes the initial findings are uncertain whether it was a targeted attack against this company or against SCADA systems in general.
With the entire crypto space now floating at a valuation of $400 billion in total market cap, attacks based on intentions to gain or mine cryptocurrency have proliferated. A recent example is the vulnerability found on Oracle’s point-of-sale systems. This opened risks to at least 300,000 businesses using the WebLogic server. The hack reportedly sifted $226,000 worth of Monero (XRM), a cryptocurrency leveraged by cybercriminals for its “incognito” features. Recent reports have also highlighted how North Korean hackers have been spreading Python-based injection code via Secure Shell (SSH) channels to mine cryptocurrency.
A report by Cisco’s Talos intelligence research group estimated that unauthorized cryptocurrency mining generates an average of $1.18 million annually, with the trend likely to increase in the coming years. While leading cryptocurrencies like Bitcoin Cash experience a bullish resurgence in Q1 2018, users trading and transacting in the secure network are advised to stay vigilant in relation to such threats and implement security measures on their end.
Note: Tokens on the Bitcoin Core (SegWit) chain are referenced as BTC coins; tokens on the Bitcoin Cash ABC chain are referenced as BCH, BCH-ABC or BAB coins.
Bitcoin Satoshi Vision (BSV) is today the only Bitcoin project that follows the original Satoshi Nakamoto whitepaper, and that follows the original Satoshi protocol and design. BSV is the only public blockchain that maintains the original vision for Bitcoin and will massively scale to become the world’s new money and enterprise blockchain.
Tech 28 minutes ago
Is China banning Bitcoin mining?
The draft proposal from China’s economic planning commission, which labels bitcoin mining as an industry that needs to be “eliminated," sparks undesirable attention to the global mining industry.
Tech 19 May 2019
Future block reward halvings spell doom for Bitcoin Core but bright future for Bitcoin SV
nChain’s chief scientist Dr. Craig Wright has performed some calculations about future economics for Bitcoin Core (BTC).
Tech 17 May 2019
Democrat Andrew Yang believes blockchain ‘big part’ of US future
A candidate for Democratic presidential nomination has spoken out in favor of blockchain, saying the technology will be a “big part of our future.”