Summary
Russian mining: The idea is relatively simple: redirect users of one website to another to harness the power of their PCs in order to mine cryptos.
Russian mining, more and more illegal cases: Leggi qui l’articolo in Italiano.
Illegal mining is a scam that, unfortunately, is taking off globally (Coherent Market Insights talks about a market that in 2025 could reach 38 billion dollars) and that, in this case, involved a recently hacked website of the Khabarovsk County Government in Russia.
The latest case in Russia
According to reports, towards the end of May, users looking for job offers, rather than for other official events on the agenda of local authorities, were redirected to a second website.
Without the knowledge of those directly concerned the website launched data mining software on computers whose energy was used to mine cryptocurrencies.
The malware in question remained active for up to 10 days before it was removed. In this case, the incident involved relatively limited traffic (600 daily users) but in February the same type of scam involved the Russian Institute of Scientific Research for Experimental Physics, the main nuclear research organisation in Russia and, in September, two Crimean government IT managers were dismissed for installing similar hardware inside government buildings.
Not only malware
In short, illegal mining is evolving very rapidly: the exploitation of the energy of others to mine cryptos has found new ways.
Not only malware are being used, in fact, now cybercriminals exploit mining systems within apps for sport but also for the activation of VPN networks, focused on private communications with the use of the Vilny.net miner.
The new trends are announced by Kaspersky Lab experts who also pointed out that the extraction of cryptos, in the case of apps, occurs while the video of the races is online, taking advantage of the Coinhive JavaScript miner which, to put it in simple words, converts the power of the CPU into cryptocurrencies.
The profits for the creation of the new virtual currency go to the fraudster while the victim is unaware of the (high) amounts of electricity used.