DooKey
Cryptojacking attacks are becoming more and more common these days, and now it appears a utility company is the first victim of attacks against critical infrastructure. Security company Radiflow discovered the malware recently and found that it had been running on the network for 3 weeks, totally unknown to the utility. I guess cryptojacking apparently knows no bounds when it comes to critical systems versus non-critical systems, and companies are going to have to be more vigilant against this kind of hijack. I believe critical infrastructure should be more isolated than this and a user shouldn't be able to open a browser and websurf on important systems. Hopefully this will be remedied by this particular utility.
At this point, Radiflow's investigation indicates that the cryptocurrency mining malware was likely downloaded from a malicious advertising site. As such, the theory that Kfir has is that an operator at the water utility was able to open a web browser and clicked on an advertising link that led to the mining code being installed on the system.