Lamezia, an employee used airport computers to produce virtual money

Share

October 30, 2020 "Estraeva", that is, it produced cryptocurrencies, or virtual currencies such as bitcoins, using the facilities of the Sacal company, in charge of managing Calabrian airports.

The 'miner' was discovered and reported by staff of the Postal Police of Reggio Calabria and Catanzaro: he is a 41-year-old technician in charge of the computerized infrastructure of the airport, who worked in the airport of Lamezia Terme.

According to the postal police, he was able to install malware and exploit Sacal's IT infrastructure to "mine" virtual currency, endangering the security of the infrastructure.

The Sacal technicians, alarmed by some anomalies, informed the border police, who requested the intervention of the cybercrime experts of the postal police.

The investigators, with the collaboration of the airport authorities, analyzed the partitions of the IT network inside the hub, discovering the presence, in two different technical rooms, of a real "Mining farm", that is an abusive network made up of five powerful electronic processors, called "Mining Rig", a term used to indicate in technical jargon the systems used to create bitcoin or other cryptocurrencies, connected to the external Internet network through systems dedicated to the management of airport services and powered by the airport's electricity supply.

This system allowed the airport hacker to procure Ethereum, one of the most well-known cryptocurrencies, without having to incur the costs of electricity necessary for the 24-hour operation of the equipment and exploiting the connection of the Sacal plants, compromising, according to the accusation, the airport computer security.

The investigations, coordinated by the Lamezia Terme Public Prosecutor's Office, were conducted with technical activities that made it possible to examine the IP addresses associated with the machines installed, to identify the site of the "Ethermine" pool (used for 'mining' of the Ethereum cryptocurrency) and monitor the site.

Stalking and cameras installed in the rooms allowed the employee to be identified.

Investigations continue to ascertain the presence of any accomplices.