Workstations in a European Airport Found to Be Riddled with Crypto-Miners

When you walk into an airport, you might expect crowds, overworked staff, people who had too much fun with the free perfume samples at a duty-free store, and bad food. And you might be willing to accept it all. It’s part of the airport culture, right? What you do not want to feel is anxiety over your own safety. Some of it comes with the territory, and it might be hard to feel safe when someone keeps telling you over the speakers not to leave your bags unattended or when you are passed by security with machine guns and drug-sniffing dogs. When we have that going on, we often forget how much airports rely on information technology, and, unfortunately, just like anywhere else, workstations in airports can be attacked by masked cybercriminals too. Cyberbit, the self-proclaimed leader in cybersecurity training and simulation, carried an investigation in an undisclosed European airport in October, and they found crypto-mining software installed on more than 50% of workstations.

What is crypto-mining software, and how does it affect cybersecurity?

Cryptocurrency is a virtual currency that can be used to purchase goods and services. Some of the more popular cryptocurrencies include Bitcoin, Ethereum, Ripple, and Litecoin. This kind of currency is not created out of thin air, and, in fact, there’s usually a cap on how much of one cryptocurrency can be in circulation. Furthermore, vast amounts of resources are necessary to create it. At its core, cryptocurrency is software, and everything that has to do with it is created by code and algorithms. It is decentralized, which means that no one company is responsible for every coin created and distributed. Instead, cryptocurrency is created on multiple computers, and people can be awarded coins when they supply their own computers and resources to process transactions. In many cases, new coins are created when transactions are made and confirmed using the process of mining. Understanding these processes can be quite confusing if you are not familiar with algorithms and coding, but there are plenty of resources that you can check for more information. We suggest checking out this website to get more cryptocurrency facts.

A cryptocurrency miner is a tool that facilitates the process of verifying cryptocurrency transactions. The verified transactions are added to the blockchain, which, according to blockgeeks.com, is a time-stamped series of immutable records of data that is managed by a cluster of computers. Basically, a cryptocurrency miner makes cryptocurrency for the person who is employing it based on a reward system. A cryptocurrency miner is meant to solve mathematical puzzles to match the numbers provided by the blockchain to get rewarded with coins, and this process requires resources. People cannot make these guesses, and powerful computers are required for that. Cybercriminals know that they can optimize their chances of accumulating more cryptocurrency coins by employing multiple computers, and that is why nowadays cryptocurrency miners are often associated with cybercrime. By infecting vulnerable systems with cryptocurrency miners, the attackers do not need to worry about electricity bills, the cost of infrastructure, and other cryptocurrency mining-related problems. Unfortunately, the owners of the infected machines can end up facing huge problems.

As we mentioned already, powerful computers are needed for mining, and the machines that most of us possess aren’t exactly considered to be very powerful. Cybercriminals have figured out how to infect smartphones with cryptocurrency miners, and researchers have found that, in many cases, mobile devices are basically killed in the process because their resources are overexerted. Even desktop computers can crash due to the expended CPU power. Crashes are most likely to occur in older, outdated systems. Unfortunately, in some cases, cryptocurrency miners can fly under the radar and stay undetected until a security expert intervenes. That is what happened when Cyberbit went on to analyze the cybersecurity of one airport’s workstations and discovered the xmrig Monero miner. The issue is that if cybercriminals have managed to drop a miner onto more than 50% of workstations, and that means that they are vulnerable and that other threats could be executed using the same vulnerabilities. Given that airport workstations might be responsible for everything from checking people in to controlling flight traffic, the presence of any kind of malware is disturbing.

Don’t jump on airport WiFi without care

Most airports provide passengers with WiFi access, and, unfortunately, people tend to jump on free Internet connection even when it is public. If you did not know this already, let us warn you that using public WiFi is not safe. Besides the common issues related to data security and virtual privacy, public WiFi could also be exploited by cryptocurrency miners. According to a siliconangle.com article, public WiFi networks can be hijacked and used to inject mining scripts into the browsing sessions of those connected to the network. This is why it is important that you follow safety tips for using public computers and WiFi networks. Of course, since most of us have computers– a.k.a., mobile phones – in our pockets, we no longer use public computers unless it’s an emergency situation. However, you still want to be aware of what you must and mustn’t do in airports.

Our safety tips for using public computers and WiFi in airports include installing VPN apps and programs to ensure anonymous and encrypted browsing, implementing best password security practices and password management tools, employing trustworthy security software, and, of course, thinking before acting. If you check your surroundings and evaluate the risks around you, you have better chances of avoiding security threats, and that goes for both physical and cyber security. As for cryptocurrency mining, if you notice that your mobile device/laptop/tablet has slowed down significantly after connecting to the public airport WiFi, there is a good chance that your device was hijacked or maybe even infected. Perhaps, you visited the undisclosed airport that dealt with the massive crypto-mining issue. Of course, while we know of one airport that dealt with this issue, that does not mean that all other airports are safe, and, in theory, you could catch a miner pretty much anywhere.