UPDATED 21:48 EST / MAY 17 2020

SECURITY

Supercomputers in Europe hacked to run cryptocurrency mining software

Supercomputers across Europe have been hacked over the last week by an unknown group that has been inserting cryptocurrency mining software.

At least a dozen supercomputers in Germany, the U.K., Switzerland and Spain were targeted, with many being taken offline as a result of the hacks. The first system targeted is believed to be “Archer,” a supercomputer at the University of Edinburgh that was being used to perform analysis of coronavirus research before being taken offline.

Those behind that attacks were gaining access to the targeted supercomputers by stealing login credentials from compromised networks at universities in China and Poland. According to Cado Security, it is reportedly common for users at different high-performance computing facilities to have logins for other institutions, making it easy for attackers to gain access.

In two of the security incidents, the group behind the attacks connected to the supercomputers using a compromised SSH account and then exploited a vulnerability in the Linux kernel to gain root access and install Monero or XMR cryptomining software. The cryptomining software had been set up to run only at night in attempt to avoid being discovered.

A notification from the Swiss Center of Scientific Computations in Zurich was more vague, referring to only malicious activity that resulted in external access to the center being closed until security issues were fixed.

The true motivation behind the attacks remains unknown. Although profit from the installation of the Monero mining script would appear the most obvious answer, most of the systems targeted were involved in COVID-19 research and analysis. Access to that research could be the motivation with a nation state actor behind the attacks.

If the COVID-19 research on the targeted systems was simply a coincidence, then it was certainly an unfortunate one, since the attacks disrupted ongoing research into the pandemic.

Photo: Oak Ridge National Laboratory/Flickr 

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU