The Italian authorities have detected a cryptocurrency mining campaign affecting the facilities of the company Sacal, responsible for administrative systems at the airports of Calabria.
The campaign was discovered by the postal police personnel of Reggio Calabria and Catanzaro; apparently the main one involved is a 41-year-old technician in charge of the IT infrastructure of Lamezia Terme Airport. According to the authorities, the defendant was able to install malware and exploit Sacal’s IT infrastructure for the mining of the Ethereum virtual currency, putting airport security at risk. Sacal’s technicians, alarmed by some anomalies, informed the border police, who requested the intervention of the police’s cybercrime experts.
The researchers, with the collaboration of the airport authorities, analyzed the evidence found in computer systems, discovering the presence of what they called “a real mining farm”, an abusive network made up of five powerful electronic processors exclusively used for cryptocurrency mining exploiting the airport’s electronic resources.
This set of processors allowed the criminal to obtain multiple units of the popular Ethereum cryptocurrency without having to solve the costs of the electricity required for the operation of this powerful equipment, all thanks to the exploitation of vulnerabilities in Sacal.
The investigations, coordinated by the Public Prosecutor’s Office of Lamezia Terme, were carried out with technical activities that allowed examining the IP addresses associated with the machines installed to identify the website “Ethermine”, used for Ethereum mining. Airport surveillance systems also allowed identification of the guilty employee. Investigations are still under way and the possible involvement of an accomplice is even in search.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.