Crypto Mining Malware Used to Hack Russian Pipeline Giant Transneft

News | December 18, 2017 By:

Transneft, the largest oil pipeline company in the world, has suffered a cyber attack in which its computers were used for the unauthorized mining of the cryptocurrency Monero, the tenth-largest cryptocurrency with a market cap of over $5 billion.

Transneft is a Russian state-owned transport monopoly. The company is operating over 70,000 kilometers of trunk pipelines. It transports about 90% of oil and 30% of oil products produced in Russia, in addition to considerable volumes of crude hydrocarbons from the CIS countries.

In a company meeting on Dec. 15, Transneft vice president Vladimir Rushailo revealed that they found that the company’s hardware was used to manufacture cryptocurrency. He said the cyber attack could have a negative impact on the productivity of their processing capacity.

Transneft spokesman Igor Demin said the cryptocurrency mining malware was automatically downloaded by a Transneft computer and was later erased. He noted that the company now has programs to block such downloads and prevent similar incidents in the future.

In October, Israeli cybersecurity giant Check Point reported that they found thousands of examples of video-streaming and file-sharing websites, such as The Pirate Bay and NBC’s ShowTime, hosting cryptomining software like CoinHive, a Monero mining software. Check Point intelligence manager Maya Horowitz said almost all failed to disclose the tools’ use.

“I don’t think any one of these is very safe or good for users,” Horowitz said, noting that the code can make computers crash and can provide an avenue for hackers to insert their own malicious code.