This site uses cookies. Browsing the site, you agree to the use of cookies. If you need more information, please visit the Cookies Policy page
Subscribe
Прямой эфир
Cryptocurrencies: 3835 / Markets: 22713
Market Cap: $ 268 940 767 312 / 24h Vol: $ 101 793 491 134 / BTC Dominance: 65.2335%

Н News

EU Supercomputers Hijacked From COVID-19 Research to Mine Cryptocurrency

European supercomputers programmed to search for a vaccine for the deadly coronavirus (COVID-19) were remotely hijacked last week for the purpose of mining cryptocurrency.

According to a report by ZDNet, multiple supercomputers across the EU were compromised by a string of malware attacks that required a shut down after it was discovered they were being used for crypto mining – also known as cryptojacking. The hackers had gained entry via stolen SSH (remote access) credentials from individuals authorized to operate the machines.

Security researcher Chris Doman, co-founder of Cado Security, told ZDNet that the malware was designed to use the supercomputers' processing power to mine monero (XMR). It is also believed a number of the compromised supercomputers were being used to prioritize research for a coronavirus vaccine, although details surrounding the hacks and the computer's purpose appear to have been left deliberately vague.

See also: Cryptojacking Malware Devs Sentenced to 20 Years in Prison

Security incident reports came from Germany, the U.K and Switzerland, with a potential hijack also said to have occurred at a high-performance computer located in Spain.

The first reported incident took place on May 11 at the University of Edinburgh, which operates the ARCHER supercomputer. "Due to a security exploitation on the ARCHER login nodes, the decision has been taken to disable access to ARCHER while further investigations take place," the university announced in a public update.

To date, the ARCHER supercomputer is still down pending further security purges, as well as a reset of its system and passwords. "The ARCHER and Cray/HPE System Teams continue to work on ARCHER and getting it ready to return to service. We anticipate that ARCHER will be returned to service later this week," the university said.

Germany-based bwHPC, an organization that coordinates research projects across supercomputers in the state of Baden-Wurttemberg, declared five of its high-performance computing clusters had to be shut down due to similar "security incidents."

A supercomputer located in Barcelona, Spain, was also impacted on May 13, with researcher Felix von Leitner declaring in a blog post that the computer had a security issue and had to be shut down.

On May 14, further incidents began cropping up with the first one coming from Leibniz Computing Center (LZR), an institute with the Bavarian Academy of Sciences. The Academy said it had disconnected a computing cluster from the internet after its security was breached.

See also: Thousands of Microsoft Servers Infected by Crypto-Mining Botnet Since 2018, Says Report

On Saturday, German scientist Robert Helling published an analysis on the malware that was infecting a high-performance computing cluster at the Faculty of Physics at the Ludwig-Maximillian University University in Munich, Germany.

And in Switzerland, the Swiss Center of Scientific Computations (CSCS) in Zurich also shut down external access to its supercomputer infrastructure following a "cyber-incident" on Saturday.

Similar incidents have occurred in the past. Earlier this year a group of hackers known as "Outlaw" began infiltrating Linux-based enterprise systems in the U.S. in order to hijack personal computing power and mine XMR.

Source

comments powered by Disqus