Tech 10 months agoVince Dioquino
Water utility hit by crypto mining malware
Radiflow, a security firm specializing in SCADA (supervisory control and data acquisition) servers, has reported an attack on the network of a water utility provider based in Europe. The disclosure established a precedent in industrial-scale data control systems and critical infrastructures, given the nature and intent of its execution: cryptocurrency mining.
“This is the first instance of such a cryptocurrency miner that we have seen in an industrial site,” said Radiflow CEO Ilan Barda. Often labelled as “cryptojacking,” attacks such as these have been growing in number in relation to the hyperactive markets that cryptocurrencies have fueled since their inception almost a decade ago.
“We found malware on the utility’s server that was mining Monero cryptocurrency,” said Yehonatan Kfir, CTO at Radiflow.
The CTO explained that Radiflow’s disclosure is only an initial assessment, as the investigation is still ongoing. Thus far, the investigation has determined that the mining software has been installed into the water utility’s network protocols for over three weeks before it was identified and mitigated. As a matter of protocol, Radiflow has not disclosed any particular facility’s location, only revealing that’s somewhere in Europe.
While inconclusive, the disclosure speculates that the malware was likely acquired through an advertising site or element. This speculation is supported by logs showing that the first contact with the infection was through an HMI (Human Machine Interface) running an old operating system. Limited evidence suggests that the cryptocurrency malware wasn’t able to get past the initial point of infection. Kfir notes the initial findings are uncertain whether it was a targeted attack against this company or against SCADA systems in general.
With the entire crypto space now floating at a valuation of $400 billion in total market cap, attacks based on intentions to gain or mine cryptocurrency have proliferated. A recent example is the vulnerability found on Oracle’s point-of-sale systems. This opened risks to at least 300,000 businesses using the WebLogic server. The hack reportedly sifted $226,000 worth of Monero (XRM), a cryptocurrency leveraged by cybercriminals for its “incognito” features. Recent reports have also highlighted how North Korean hackers have been spreading Python-based injection code via Secure Shell (SSH) channels to mine cryptocurrency.
A report by Cisco’s Talos intelligence research group estimated that unauthorized cryptocurrency mining generates an average of $1.18 million annually, with the trend likely to increase in the coming years. While leading cryptocurrencies like Bitcoin Cash experience a bullish resurgence in Q1 2018, users trading and transacting in the secure network are advised to stay vigilant in relation to such threats and implement security measures on their end.
Note: Tokens in the SegWit chain are referred to as SegWit1X (BTC) and SegWit Gold (SWG) and are no longer Bitcoin. Bitcoin Cash (BCH) is the only true Bitcoin as intended by the original Satoshi white paper. Bitcoin BCH is the only public block chain that offers safe and cheap microtransactions.
Note: Tokens on the Bitcoin Core (segwit) Chain are Referred to as BTC coins. Bitcoin Satoshi Vision (BSV) is today the only Bitcoin implementation that follows Satoshi Nakamoto’s original whitepaper for Peer to Peer Electronic Cash. Bitcoin BSV is the only major public blockchain that maintains the original vision for Bitcoin as fast, frictionless, electronic cash.
Tech 6 hours ago
Australian insurance company asks, “Where’s the beef?”
An insurance company working for the truck and transport industry in Australia wants to know where’s the beef. According to a report on Australasian Transport News (ATN), National Transport Insurance (NTI) has begun a partnership ...
Tech 1 day ago
Wirex now supports IBAN system for its crypto debit cards
Cryptocurrency enthusiasts in the European Economic Area (EEA) can now take advantage of the Wirex crypto debit card in even more ways. Wirex has announced that cardholders across the EEA are able to add funds ...
Tech 2 days ago
Developer shows how double spending can occur on Bitcoin SV misses mark
One of the reasons cryptocurrency hasn’t taken off as an alternative to fiat as quickly as many enthusiasts would like is because there is generally a wait time associated with the transactions. This delay is ...