Gov’t Servers in South Korean City ‘Infected with Crypto Mining Malware’

Government servers in the South Korean city of Daejeon have been infected with crypto mining malware, according to an audit conducted by the nation’s Ministry of Public Administration and Security. During a biannual audit, it was discovered that the city’s information system had been compromised with malicious code used for crypto mining. The auditors identified cyber breaches on two servers, with one being infected with mining malware through exposed administrator account passwords. The second server was used as a hacking transit point to further spread the crypto mining malware. The city’s cyber response team detected abnormal activities within eight days, quarantined the network, and reported the incident to the National Intelligence Service. The auditors attributed the security breaches to oversights such as inadequate administrator account password protection and the failure to conduct necessary annual diagnostic checks on a significant number of information system server devices. The ministry ordered the Daejeon Mayoral Office to take necessary measures to prevent similar incidents in the future. This incident follows a previous case in Seoul where a government employee used city-provided energy to mine Ethereum underneath a prestigious opera house.