Supercomputers across Europe have fallen to cryptomining hacks

Cryptomining hacks aren’t new by any stretch, but a string of recent incidents is raising eyebrows. ZDNet reports that culprits infected multiple European supercomputers with Monero mining malware in the past week, including the University of Edinburgh’s ARCHER, five of bwHPC’scomputer clusters and most recently a cluster at Munich’s Ludwig-Maximilians University. That’s unusual by itself, but there appears to be a common thread between the hacks.Cado Security has determined that the attacks were conducted using compromised SSH (secure shell) logins from universities in Canada, China and Poland, using similar malware file names, the same vulnerability and shared technical indicators. That suggests they might be the work of the same bad actor. In the case of ARCHER, the attacks appear to have come from Chinese IP addresses.

If this is a concerted attack, the motivations aren’t completely clear. This could be a pure cash grab that relies on the power of supercomputers to mine digital currency more effectively than regular PCs. However, Cado and others have observed that this comes right as many institutions are repurposing their supercomputers for COVID-19 research. There’s a concern that this may be a roundabout way to steal research or disrupt it. Whatever the reasoning, this isn’t what supercomputer operators wanted at a time when their services are needed the most.

source: Engadget.com by Jon Fingas

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: