Employees at the Russian Federation Nuclear Center have been arrested on suspicion of using supercomputers at the facility to mine cryptocurrency.
With increased interest and value in cryptocurrency such as Bitcoin, Monero, and Ethereum, threat actors have also begun to capitalize on the emerging industry.
Botnets are being utilized to harness power stolen from compromised slave systems to mine for cryptocurrency, government websites are being hijacked, ransomware operators demand their blackmail payments in virtual currency, and consumer mining operations are being hijacked by hackers switching wallet addresses to their own.
There are many ways, legitimately and illegitimately, to make money from cryptocurrency. For the average consumer, such trading can be lucrative but also comes with risks — as the recent crash in the price of Bitcoin has demonstrated.
Mining remains profitable for some types of cryptocurrency, including Monero and Ethereum. These operations are only worthwhile, however, if the computing power behind them is powerful enough and it is financially viable to lend PC power to find virtual coins.
This appears to be what the staff at the nuclear center knew.
The Sarov-based nuclear facility, also known as the All-Russian Research Institute of Experimental Physics (RFNC-VNIIEF), focuses on enhancing nuclear weaponry at the computational and theoretical levels.
According to local news publication Interfax, engineers were recently arrested as the facility for attempting to use the institution’s supercomputers to mine cryptocurrency.
It is not known how many members of staff were arrested, but according to Tatyana Zalesskaya, head of the research institute’s press service, “there was an attempt” to use the systems for mining with “office computing resources.”
As none of the facility’s systems, including its 1-petaflop capable supercomputer which was powered up in 2011, are meant to be connected to the Internet due to the research involved, once the engineers allegedly attempted to connect to the web for mining, the scheme was exposed.
“Similar attempts have recently been registered in a number of large companies with large computing capacities, which will be severely suppressed at our enterprises, this is technically a hopeless and criminal offense,” Zalesskaya added.
The Russian Federal Security Service (FSB) is yet to make a statement relating to the arrests, however, it is understood that a criminal case is being brought against the employees.
Earlier this month, cybersecurity firm Radiflow revealed a cryptocurrency mining operation on a SCADA network of a critical infrastructure operator.
The unnamed water utility firm’s servers were infected with malware that mined Monero for threat actors.
Previous and related coverage
The private exploit seller is expanding its reach to acquire bugs in popular Linux builds.
Updated: A new strain of unusual malware disguises itself as a LogMeIn service pack to hide suspicious traffic.
The 2017 incident took place due to a sales partner security failure.