Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operational Security //

Physical Security

3/5/2018
11:30 AM
Scott Ferguson
Scott Ferguson
News Analysis-Security Now
50%
50%

Icelandic Intrigue: Who Stole 600 Bitcoin Servers?

Police in Iceland are investigating the physical theft of more than 600 servers used to mine Bitcoin and other cryptocurrencies, according to reports.

Police in Iceland are in the middle of an intriguing mystery: Who is behind the theft of 600 different servers used to mine cryptocurrency, including Bitcoin, from several data centers in the tiny island country.

The thefts, according to the Associated Press, were first reported on Friday, March 2, after 11 people were arrested. One of those arrested is a security guard. Law enforcement is, however, still looking for other people in connection with the heist, the AP said.

The break-ins and burglaries themselves appear to date back to December and January, when authorities started investigating, but police kept silent until Friday's court hearing. The servers are worth about $2 million, according to the AP and other reports.

The crime's been dubbed the "Big Bitcoin Heist" in Iceland.

If your Bitcoin mining operation isn't safe in Iceland, where is it safe?\r\n(Source: 12019 via Pixabay)\r\n
If your Bitcoin mining operation isn't safe in Iceland, where is it safe?
\r\n(Source: 12019 via Pixabay)\r\n

"Everything points to this being a highly organized crime," Olafur Helgi Kjartansson, a police commissioner in Iceland, told the AP.

The surging popularity of Bitcoin and other cryptocurrencies coincides with an increase in different types of crimes related to the mining of digital currency. The Icelandic case is unusual since it involved a physical theft, but other types of illegal activities also are on the uptick.

A recent report on Security Now discovered rogue employees are using spare IT equipment and other resources to mine Bitcoins. This can lead to problems ranging from skyrocketing electrical bills to the introduction of malicious software that create backdoors into the network. (See Rogue Employees Mine Cryptocurrency Using Company Hardware.)

One reason Iceland is a haven for cryptocurrency mining is the island's large resources of cheap, renewable energy that help keep servers running 24/7, according to the AP. To help locate more persons of interest, investigators are searching for spikes in electrical use.


The fundamentals of network security are being redefined – don't get left in the dark by a DDoS attack! Join us in Austin from May 14-16 at the fifth annual Big Communications Event. There's still time to register and communications service providers get in free!

The reason for these thefts is apparent: the volatile nature of cryptocurrency and the loose regulations surrounding this marketplace. At the end of 2017, Bitcoin was trading for about $20,000, although it has fallen since then (on the morning of Monday, March 5, it was trading at about $11,500). If the Bit Bitcoin Heist organizers get all 600 high-powered servers running, they could mine hundreds or thousands of cryptocurrencies.

In addition to the illegal mining of Bitcoins by rogue employees, cyberthieves increasingly demand ransom and other payments in cryptocurrency, creating what one security expert dubbed the new "Wild West" of cybersecurity. (See Cryptocurrency Crime: The Internet's New Wild West.)

And in some cases, cybercriminals create man-in-the-middle schemes to divert Bitcoin payments meant to pay off a different criminal group as part of a ransomware scheme. In one case, the victim attempted to pay off one group seeking ransomware only to have the Bitcoin settlement diverted to another group of criminals -- and the victim's data was never restored, security firm Proofpoint observed. (See Ransomware Shows There's no Honor Among Cyberthieves.)

Related posts:

— Scott Ferguson, Editor, Enterprise Cloud News. Follow him on Twitter @sferguson_LR.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-34362
PUBLISHED: 2021-10-22
A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. If exploited, this vulnerability allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of Media Streaming add-on: QTS 5.0.0: Media ...
CVE-2021-41127
PUBLISHED: 2021-10-21
Rasa is an open source machine learning framework to automate text-and voice-based conversations. In affected versions a vulnerability exists in the functionality that loads a trained model `tar.gz` file which allows a malicious actor to craft a `model.tar.gz` file which can overwrite or replace bot...
CVE-2021-41169
PUBLISHED: 2021-10-21
Sulu is an open-source PHP content management system based on the Symfony framework. In versions before 1.6.43 are subject to stored cross site scripting attacks. HTML input into Tag names is not properly sanitized. Only admin users are allowed to create tags. Users are advised to upgrade.
CVE-2021-27746
PUBLISHED: 2021-10-21
"HCL Connections Security Update for Reflected Cross-Site Scripting (XSS) Vulnerability"
CVE-2021-36869
PUBLISHED: 2021-10-21
Reflected Cross-Site Scripting (XSS) vulnerability in WordPress Ivory Search plugin (versions <= 4.6.6). Vulnerable parameter: &post.