Supercomputers across Europe have fallen to cryptomining hacks

Cryptomining hacks aren’t new by any stretch, but a string of recent incidents is raising eyebrows. ZDNet reports that culprits infected multiple European supercomputers with Monero mining malware in the past week, including the University of Edinburgh’s ARCHER, five of bwHPC’scomputer clusters and most recently a cluster at Munich’s Ludwig-Maximilians University. That’s unusual by itself, but there appears to be a common thread between the hacks.Cado Security has determined that the attacks were conducted using compromised SSH (secure shell) logins from universities in Canada, China and Poland, using similar malware file names, the same vulnerability and shared technical indicators. That suggests they might be the work of the same bad actor. In the case of ARCHER, the attacks appear to have come from Chinese IP addresses.

If this is a concerted attack, the motivations aren’t completely clear. This could be a pure cash grab that relies on the power of supercomputers to mine digital currency more effectively than regular PCs. However, Cado and others have observed that this comes right as many institutions are repurposing their supercomputers for COVID-19 research. There’s a concern that this may be a roundabout way to steal research or disrupt it. Whatever the reasoning, this isn’t what supercomputer operators wanted at a time when their services are needed the most.

source: by Jon Fingas

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: