Hackers invade supercomputers to mine Monero cryptocurrencies

Over the past week, there have been several hacker attacks on Europe’s supercomputers. The attackers tried to circumvent the security of the machines to mine Monero cryptocurrencies.

The act of digital vandalism featured several successive attacks on supercomputers from at least four universities in Europe. As a precaution, the machines were then temporarily deactivated to carry out safety measures.

Hackers invade several supercomputers in Europe

A group of hackers broke into several supercomputers in Europe. The attacks took place from last Monday, the 11th, until Saturday, the 16th. The invasion was characterized by successive attacks in an attempt to violate the security of supercomputers to carry out computer crime.

At least four universities in Europe have seen their machines attacked, and a fifth case is still being investigated by the authorities.

As a preventive action, the supercomputers were temporarily deactivated in order to change passwords and carry out security checks.

The first supercomputer to be attacked was the ARCHER, the machine from the Center for Engineering and Computer Sciences at the University of Edinburgh, Scotland. According to the university, it was necessary to turn off the machine after detecting suspicious movements in the login system. The SSH keys were reset to block access and prevent further intrusions and the investigation of the case was then initiated.

Archer

That same day, five more machines were compromised in Germany, in a group of universities in the state of Baden-Württemberg. This attack was similar to the previous one and affected institutions in Ulm, Stuttgart, Karlsruhe and Tübingen.

On Wednesday, May 13, there was a case that is still only suspicious, at the University of Barcelona, ​​Spain. And on Thursday, the 14th, hackers attacked the Bavarian Academy of Sciences, the Technical University of Dresden, and even a research center in the city of Julich, Germany.

All supercomputers were turned off and were left without Internet access to prevent further attacks.

On Saturday, the 16th, Switzerland was the chosen target and the attacks were carried out on the Center for Scientific Computing at the University of Zurich. Hackers hacked into supercomputers and therefore forced administrators to move them to a secure environment without external connections.

The attacks were aimed at cryptocurrency mining

None of the universities revealed details about these attacks, indicating only that the research work that was being done in the institutions suffered delays with the closure of the machines.

But it was not until Sunday, the 17th, that the motives of the attackers were known. The security team at EGI, the European organization that coordinates research on supercomputers in Europe, confirmed that the attacks were aimed at mining cryptocurrencies.

Samples of bugs used to break into the machines have been revealed, and there are also reports that the attacks happened after the theft of access credentials from international students and members of the university.

EGI also said that these phishing scams targeted several investigators from around the world with remote access to supercomputers, using stolen access credentials that belonged to members in Poland, Canada, and China.

All attacks were similar, as were the names used in the malware files. This factor implied that it was an organized group of hackers, whose identity has not yet been revealed.

As soon as the attackers accessed the machines, they used a known flaw in the Linux kernel to install the malicious software that mined the Monero cryptocurrency.

The EGI appealed to the administrators of all these machines that have increased attention, pointing out that this is the first case of coordinated attacks on similar structures. The group also regretted all the work that was interrupted due to this incident, especially the research involved in COVID-19.

For now there is still no information about restarting the affected supercomputers.

   
Izaan Zubair
Izaan Zubair
Izaan is founder of TechLapse. Izaan developed interest in computers from young age and most of his skills and knowledge are self taught. He can be reached at: [email protected]

Recent News

Appy Pie Connect Can Help Integrate Stripe with Other Software

COVID pandemic has directly contributed to the large scale adoption of online payment processing tools. Online commerce has progressed rapidly since the appearance of...

Apple acquires AI Video startup Vilynx to further improve Siri

Apple acquired Vilynx, a startup specializing in Artificial Intelligence, intending to improve Siri, the virtual assistant with iPhone, Mac, Apple Watch, etc. The developers of...

Apple’s alternative to Google reportedly in development

Hints that Apple has been developing alternative web search technologies and tools to Google have been circulating since 2015 and have re-emerged periodically ever since....
#