Half of the airport’s workstations infected with a crypto mining software

[LeGaulois]

There is a cybersecurity firm that published a blog post claiming they figured over 50% of the airport’s workstations were riddled with a crypto mining software despite the fact the workstations have 'industry-standard' antivirus and were not able to detect it.

They don"t know since how many times the malware was in place because they just started to work with the airport, so possibly for months. The airport didn't notice anything before.

In a worst-case scenario, attackers could have breached the IT network as a means to hop onto the airport’s OT network in order to compromise critical operational systems ranging from runway lights to baggage handling machines and the air-train, to name a few of the many standard airport OT systems that could be cyber-sabotaged to cause catastrophic physical damage.

I wonder how many others are actually targeted like this one.

[1714999428]

1714999428

[1714999428]

1714999428

[1714999428]

1714999428

[bitmover]

This would explain why all those airport totems are so slow!
However, I believe that someone would notice the peak in energy consumption, or the temperature of those devices.

[rdluffy]

They are probably mining XMR
There's a LOT of places with crypto mining softwares installed without permission, like Schools, big companies, datacenters, research facilities etc

This is not good for our crypto world, it's illegal

[Kyraishi]

I wonder how they got the software on the computers. I reckon someone came into the airport with USBs that had malware and automatic installed data on the computers.

It is confusing though. Not sure why the airport wouldn't do routine weekly, or even monthly checks on their computers for malware.

There's a couple places I think would be prone to these sorta events, such as internet cafes, etc, anywhere where there are an excess of computers that are always in use.

Great link.

[shield132]

You may can't imagine but the most curious thing that I have ever seen was window of command prompt run on bank's ATM screen and also on bill payment machine screens (while I was paying bills, somehow it started lagging and screen was in stuck, then cmd window came with words where one was written monero).
IT's are trying to get easy money by using their knowledge and some power which they have on these machines. To be fair it sucks and such employees deserve to be kicked from their job because when you run mining software on any device, it starts lag and making processes slower which is the worst thing especially when we are in touch with airport computers where security and flexibility is really must to have.

[boltz]

Wow , so it come up to this nowadays ...people installing mining software in airports in order to mine. I think the same , they definitely mining XMR as that is the easiest way to install a software to mine XMR. I remember in my country that people from IRON GATES mined in 2016 with hydro power and they actually mined a lot of months until someone caught them ... .

Regarding the security , even if they make a quick check the software should be hidden in pc in order just to generate CPU power so they thought they are having a temperature problem no wonder why they discover it so lately.

[marky89]

They are probably mining XMR
There's a LOT of places with crypto mining softwares installed without permission, like Schools, big companies, datacenters, research facilities etc

This is not good for our crypto world, it's illegal

Illegal and also inevitable in the context of CPU mining. Botnets were mining Bitcoin in the early days too! The only reason they don't now is because of the progression of specialized/ASIC mining.

If Monero didn't implement regular hard forks to stave off ASIC mining, this phenomenon would be mitigated. I guess that's the price we pay for ASIC resistance!

[hello_good_sir]

There is a desperate need for companies and governments to develop software that can instantly detect these problems.

You could make a lot of money and do a lot of good with a piece of software that basically scanned your computer for mining software and stopped it. We need to evolve with the times.

Also had a suspicious they where used to mine some sort of crypto-currency. Seems like an easy target.

[Artemis3]

There is a cybersecurity firm that published a blog post claiming they figured over 50% of the airport’s workstations were riddled with a crypto mining software despite the fact the workstations have 'industry-standard' antivirus and were not able to detect it.

They don"t know since how many times the malware was in place because they just started to work with the airport, so possibly for months. The airport didn't notice anything before.

In a worst-case scenario, attackers could have breached the IT network as a means to hop onto the airport’s OT network in order to compromise critical operational systems ranging from runway lights to baggage handling machines and the air-train, to name a few of the many standard airport OT systems that could be cyber-sabotaged to cause catastrophic physical damage.

I wonder how many others are actually targeted like this one.

Many, many ATMs use x86 PCs with windows, color me surprised. They are often installed and forgotten from an IT standpoint, unless they break completely. Same with PoS, or the various computers they use both public facing and internally. They get infected with all kinds of malware, which probably includes the monero mining ones.

Perhaps they had some antivirus, they can't bother updating frequently from fear of breaking something else, until the malware breaks them, of course. But some malware is smart enough to not break its host. If you are on windows, try to learn from the experience. Its not like this is "news" whatsoever, its been like that for decades, people just never learn.

We have talked about it here before, if you abandon Windows, OSX, Android and iOS, you are 80% there. But even within the IT people there are many who don't ever bother learning using anything else, since these always break operating systems bring food to the table. But if you read this, you already know better, now its your turn: Start with Linux, its good for you. Don't ever change, and your turn will come.

[serjent05]

This would explain why all those airport totems are so slow!
However, I believe that someone would notice the peak in energy consumption, or the temperature of those devices.

And if they do, some just ignore them, since it does not threatened the system on how those operator sees it.  Computer operators are just there to operate the software installed on a unit and not knowledgeable on anything more than their task.  Maintenance just checked the operation of the system and never bothers anything unless something bad happens or an error occur.  This is the reason why these miners are running undetected.

[eaLiTy]

I wonder how they got the software on the computers. I reckon someone came into the airport with USBs that had malware and automatic installed data on the computers.

You really do not need to physically install them using a USB, if the servers are not protect anyone can install all these with ease and the standard antivirus and malware protection software they were using was not detecting these breaches but the funny thing is that the network engineer did not identify the surge which tells you how their selection process was when they were hiring network engineers .

It is confusing though. Not sure why the airport wouldn't do routine weekly, or even monthly checks on their computers for malware.

Shows the quality of staff they hired  .
 

[Willitivity]

This is really sickening na disheartening, doesn't speak for the future of cryptocurrencies. Incidents like this make the government want to crack down on cryptocurrencies as soo as possible. CryptoJacking is a very serious issue in our contemporary society right now. Those big cooperation should endavour to check up on their systems periodically, no one is really safe.

[ene1980]

Incidents like this make the government want to crack down on cryptocurrencies as soo as possible.

What does it have to do with bitcoin, i seriously does not care about the shit load of altcoins. Government should crack down illegal miners and malware like these and companies have to take serious steps to counter these illegal activities in their network and it looks like the airport has done nothing to ensure these basic safety procedures.

[airdnasxela]

This kind of illegal activity can't be stopped unless they got arrested. But surely, other people would also do the same. What's really sad is that they're damaging the image of crypto. It's a big damage to crypto since they're targeting big company and industry. Companies should always be careful with this kind of things since just like what the airport worries, it can cause physical damage to the people in the airport if they would access to their system. That's why companies have their ITs to help them with this things and other digital issues.

We can't help it, the more cryptocurrency is getting recognition, the more people are taking it for granted even if it means oppressing others.

[Kyraishi]

I wonder how they got the software on the computers. I reckon someone came into the airport with USBs that had malware and automatic installed data on the computers.

You really do not need to physically install them using a USB, if the servers are not protect anyone can install all these with ease and the standard antivirus and malware protection software they were using was not detecting these breaches but the funny thing is that the network engineer did not identify the surge which tells you how their selection process was when they were hiring network engineers .

It is confusing though. Not sure why the airport wouldn't do routine weekly, or even monthly checks on their computers for malware.

Shows the quality of staff they hired  .
 

That's worse then. I didn't think those PC's where so easy to stop and breach that a hacker would just be able to download software and then run the programs on the computers.

They must have hired some really cheap, or clueless staff for this to go un-noticed. Don't think it would take that much work anyway...

Another interesting stat I'd like to know, how much have they actually made off mining? Are these stats public?

[TravelMug]

I wonder how they got the software on the computers. I reckon someone came into the airport with USBs that had malware and automatic installed data on the computers.

It is confusing though. Not sure why the airport wouldn't do routine weekly, or even monthly checks on their computers for malware.

There's a couple places I think would be prone to these sorta events, such as internet cafes, etc, anywhere where there are an excess of computers that are always in use.

Great link.

Hackers are targeting it's employees, simply as that. Those bad actors are going to send phishing emails to those employees. And if the employee are not aware of it, 100% the whole company are going to be infected very quickly.

Not just airport are the target of hackers now but almost all industries.

Chinese hackers are ramping up attacks on US companies, state sponsored attacks are beginning the norm today.

[maxreish]

They are probably mining XMR

Yes, it's about the xmrig monero miner. How did those malicious malware entered the airport's computer system? Unless there is an insibe job who does all the job inserting such malware program to the computer. I wonder how much Europe's airport spent huge electric bill for unconsciouly knowing there is a mining of xmr for a couple of months.

[bap2000]

Going unnoticed is the cunning of hackers, who are always working to find ways to attack the systems and obtain profits illegally. In the world of cryptocurrencies we must be very careful with the platforms we use.

[elda34b]

It would be better if the data is published and how they detect it. It's like saying you know everything but nobody else should know it.

[CryptoBry]

There is a cybersecurity firm that published a blog post claiming they figured over 50% of the airport’s workstations were riddled with a crypto mining software despite the fact the workstations have 'industry-standard' antivirus and were not able to detect it. I wonder how many others are actually targeted like this one.

I am sure that there many more facilities serving the public whose computer system are infected with mining malware taking advantage of free infrastructure and free power to gain something. This is akin to producing money out of thin air as the mining malware is just piggy-backing the existing workstations. Now, there a need for a more sophisticated detection system so that nay attempt to do free mining can be monitored and thwarted. This is definitely unacceptable and can pose some security risks.

They are probably mining XMR. There's a LOT of places with crypto mining softwares installed without permission, like Schools, big companies, datacenters, research facilities etc. This is not good for our crypto world, it's illegal

Yes, this thing should not be tolerated. I think all facilities public and private should now start monitoring and tracking their own system for possible infection of the mining malware. The big problem is when it is an inside job and there is no one looking closely at the IT department. This is why there should be a good software that can easily recognized this malady.

Illegal and also inevitable in the context of CPU mining. Botnets were mining Bitcoin in the early days too! The only reason they don't now is because of the progression of specialized/ASIC mining. If Monero didn't implement regular hard forks to stave off ASIC mining, this phenomenon would be mitigated. I guess that's the price we pay for ASIC resistance!

CPU mining can actually be a good opportunity for us to participate with as long as we are not doing illegally by just using those computers we legally own and connected with. However, for the sake of solving this problem, I agree that Monera must update via forks their platform. We can not allow this thing to continue.