Hackers Are Trying to Mine Crypto Using Russian Government Servers, Expert Says

Hackers are increasingly attacking Russia's government IT infrastructure to mine crypto, a law enforcement-affiliated expert said in a conference on Thursday.

According to Nikolai Murashov, deputy director of the National Coordination Center for Computer Incidents, hackers have been actively exploiting the IT infrastructure of Russia's government bodies, defense contractors, medical entities and research institutes to mine cryptocurrencies. He said this during his speech at the Infoforum conference in Moscow, though he didn't provide specific details about these attacks, the TASS news agency reported.

At the same time, researchers at the Group-IB cybersecurity firm say that crypto mining is actually one of the least popular ways for hackers to raise funds, both globally and in Russia in particular. According to Group-IB's "Hi-Tech Crime Trends 2020–2021" report, published past November, the main cybersecurity threat for companies is encrypting malware.

"Even those hacker groups that previously attacked banks to pull money out via card processing, ATMs and SWIFT are now using encrypting malware," Group-IB spokesperson Pavel Sedakov told CoinDesk. Demanding a big chunk of money right away appears to be a more attractive tactic than waiting until the mining software accumulates enough crypto, he said. Plus, now the attackers are demanding that a victims pays twice: both for decrypting the data and for not publishing it online.

Sometimes, governments employees themselves abuse access to computers at work to mine crypto. In December 2019, Murashov said two Russian nationals were prosecuted for using the government IT infrastructure, including a municipal water utility company, for mining. Also in 2019, several employees of the All-Russian Scientific Research Institute of Experimental Physics in Sarov were sentenced to fines and prison time for mining on computers in a nuclear research lab.

Read more: Russia and US Dominate Global Dark Market Traffic: Report

The National Coordination Center for Computer Incidents was created by the Federal Security Service (FSB) in 2018 to maintain the safety of crucial parts infrastructure in Russia. FSB is also supervising everything related to cryptography used by government entities in Russia, including the use of cryptography by enterprise blockchain projects.