European Supercomputers used for COVID Treatment Hacked By Crypto-Miners

A series of supercomputers across Europe have been hacked by an unknown group.

Computer servers
All the affected supercomputers are currently shut down and experts are working to address the problem

In the past week, an unknown group of hackers has infiltrated supercomputers across Europe and installed cryptocurrency mining software.

More than a dozen supercomputers in the UK, Germany, Spain and Switzerland fell victim to the hack. As a result, many were taken offline and completely shut down.

On Monday, German organisation bwHPC published a message announcing that five of their supercomputers had been compromised due to the cryptominer infection:

“Dear users, due to an IT security incident the state-wide HPC systems bwUniCluster 2.0, ForHLR II, bwForCluster JUSTUS, bwForCluster BinAC, and Hawk are currently not available. Our experts are already working on an assessment of the problem.”

It is believed that the first system the hackers targeted was the ‘Archer’, a supercomputer based in the University of Edinburgh that was being used to conduct research on the COVID-19 pandemic.

The people behind the attacks managed to gain access to the supercomputers in question by obtaining login credentials from networks that had already been compromised in China and Poland.

Cado Security, a software platform for digital forensics and cyber-security incidents, explained that it is common practice for users at different high-performance computing facilities to have login access to other institutions as well, which makes it easier for attackers to hijack the system.

In two of the incidents, the group of hackers behind the attacks formed a connection to the supercomputers with a compromised SSH account. They then proceeded to exploit a vulnerability in the Linux kernel to get root access and install Monero, or XMR software, for cryptomining.

To prevent the software from being discovered, hackers set to only run only at nighttime.

The true motivation behind this string of attacks remains unknown; while profit from installing the Monero mining script is the most obvious answer, it is noteworthy that a majority of the supercomputers and systems targeted were involved in the research and analysis of the coronavirus. Some believe that this could establish access to this information as the primary motivation, with a nation-state actor orchestrating the attacks.

FOREX.com
Trade on popular Crypto markets
Go long or short on cryptos from 10p a point
A trading partner you can trust
Start Trading
Forex trading involves significant risk of loss and is not suitable for all investors.
LonghornFX
The broker offers access to a trusted MetaTrader trading system
Pricing is ensured to be completely transparent, also providing accuracy and speed.
Trade a Wide Variety of Assets with Leverage up to 1:500
Start Trading
CEX.IO
Margin Trading
Legal compliance
Cryptocurrency staking
Start Trading