Hackers Are Using Supercomputers to Mine Crypto

Published at: May 17, 2020

Hackers have attacked multiple supercomputers across Europe this week with the intention of mining cryptocurrency. Clusters of supercomputers have been forced to shut down in order to investigate the intrusions, according to a ZDNet news report on May 16.

These security incidents were reported in the UK, Germany, and Switzerland. Additionally, another possible attack occurred in a high-performance computer center in Spain, according to the report.

College campuses are the main victims

Most of the attacks appear to have targeted universities. University of Edinburgh,which runs the ARCHER supercomputer, reported the first incident on Monday.

Then, major universities’ high-performance computing clusters in the state of Baden-Württemberg, Germany also announced that they were attacked on Monday with similar security incidents, and had to be shut down.

More attacks happened in institutions in other parts of Germany, Spain, and Switzerland later in the week. Clusters in the Leibniz Computing Center, or LRZ, an institute under the Bavarian Academy of Sciences, the Julich Research Center in the town of Julich, Germany, the Faculty of Physics at the Ludwig-Maximilians University in Munich, Germany, and the Swiss Center of Scientific Computations, or CSCS, in Zurich, Switzerland were all counted amongst the victims.

SSH logins are compromised and the goal is to mine crypto

The malware samples released by the Computer Security Incident Response Team were reviewed by a US-based cyber-security firm, says the news. The Computer Security Incident Response Team, or CSIRT, is a pan-European organization that coordinates research on supercomputers across Europe.

The cyber-security company said the attackers appear to have stolen university members’ SSH credentials in Canada, China, and Poland in order to gain access to the supercomputer clusters. Secure Shell, or SSH, is a cryptographic network protocol for operating network services securely over an unsecured network.

Chris Doman, Co-Founder of Cado Security explained that:

“Once attackers gained access to a supercomputing node, they appear to have used an exploit for the CVE-2019-15666 vulnerability to gain root access and then deployed an application that mined the Monero (XMR) cryptocurrency.”

As Cointelegraph reported previously, university campuses were ranked the second biggest miners of digital currency across industry.

Tags
Related Posts
Digital intelligence must overcome challenges to solving crypto crimes
While the value of cryptocurrencies has varied wildly in the last year, this has not diminished crypto’s attractiveness to criminals. Many of them are moving their illegal activities underground and outside the view of law enforcement. Because of the public nature of most blockchains, however, this rapid movement shouldn’t be a major concern to law enforcement agencies. With the right tools and training, following the proceeds of crypto-enabled crime is actually not as difficult as it may seem. However, intelligence agencies must have a cryptocurrency investigation plan that includes the right tools to lawfully collect digital evidence and the properly …
Technology / Aug. 20, 2021
Russian Crypto Scams Triple in First Half of 2020
Cybersecurity firms have identified an exponential rise in crypto-related scams in Russia during the first half of 2020. Researchers identified 23,000 sites involved with crypto scams that are still online and targeting new victims. According to Kommersant, which cited research from Kaspersky Labs, the problem is three times greater than during the same period last year. One common example sees victims offered the chance to complete surveys in order to receive commissions — however they’re required to pay an “entrance fee” fee first. Another scam, identified by Qrator Labs, involved sites that offered victims more than $275 per hour to …
Blockchain / July 30, 2020
Expert Warns: Don’t Trust Ransomware Groups Amid Pandemic
A cybersecurity expert explained why he is convinced that the promises made by ransomware groups amid the pandemic are irrelevant. Brett Callow — threat analyst at cybersecurity firm Emsisoft — told Cointelegraph that multiple ransomware groups recently made promises to halt their activity against medical organizations amid the coronavirus pandemic. Still, he believes that those promises are irrelevant: “The claims of a ceasefire made by ransomware groups are irrelevant [and] should be completely disregarded. Would you leave your front door unlocked simply because the local burglars had pinky-promised not to rob you? Probably not. The story of the frog and …
Blockchain / April 16, 2020
Trident Crypto Fund Data Breach: 266,000 Passwords Stolen
In a major privacy breach, the usernames and passwords of more than a quarter of a million Trident Crypto Fund customers have been stolen and published online. Technical director of cybersecurity firm DeviceLock Ashot Oganesyan told Russian news outlet IZ the database — which contains email addresses, cellphone numbers, encrypted passwords and IP addresses — had been uploaded to various file sharing websites on February 20. Earlier this week, hackers decrypted and published close to 120,000 of the passwords, potentially enabling them to log into affected users’ accounts and access their funds. 10,000 Russians affected Oganesyan said that while attacks …
Blockchain / March 6, 2020
Algo Capital Ex-CTO Takes ‘Full Responsibility’ for Hot Wallet Breach
The now former chief technical officer (CTO) of Algo Capital, the investment arm of blockchain firm Algorand, has published a statement in the wake of a major security breach of an Algo hot wallet under his personal management. As Cointelegraph recently reported, Pablo Yabo’s cellphone was compromised by hackers — leading to the theft of roughly $1 million to $2 million in Tether (USDT) and Algorand (ALGO) tokens. Securing funds “in a versatile manner” remains difficult In his statement, Yabo wrote that the incident had provoked considerable reflection on his part, adding: “The state of the ecosystem and the difficulties …
Blockchain / Oct. 7, 2019