Japanese manufacturer Hoya temporarily shut down production at a factory in Thailand in February following a cyberattack, the company said.
Roughly 100 computers were infected with malicious software that stole user credentials, then tried to install a program that would co-opt those machines into mining for cryptocurrency. The company detected the attack before the cryptojacking software took hold, though the initial stage of the attack caused output to drop by 60 percent, Hoya said Saturday. The news first was reported by local outlets including Kyodo News and The Japan Times.
Hoya had yet to completely recover from the attack by the end of March, though one executive the attack would have “little” impact on business, according to The Japan Times. Reports have not specified what type of cryptocurrency the attackers were mining.
Tokyo-based Hoya produces lenses, imaging devices, medical equipment and other technology. It has a $21.6 billion market capitalization, according to Forbes, and more than 30,000 employees.
Cyberattacks in which hackers use their access to mine for cryptocurrency are becoming a more pressing security concern for corporate security teams, Citrix security boss Stan Black previously told CyberScoop. With chief information security officers overseeing so many applications, and monitoring an influx of emerging threats, it’s easy to miss attacks that simply use computing power to generate bitcoin, Monero and other digital cash. But companies still are footing the bill for illicit activity: some have received bills for $10 million when they expected to pay a fraction of that, Black said.
Hoya only is the latest organization to experience this kind of incident. Scammers breached the website of the Bangladeshi Embassy in Cairo to mine for cryptocurrency, CyberScoop reported in February. Before that, researchers found eight applications lurking in the Microsoft store designed to leverage users’ devices to create Monero.