According to security specialist Cado Security, various supercomputer environments in Europe have been targeted by hackers. The malicious parties installed cryptomining software on these systems.
According to the security specialist, several supercomputer environments in Germany, Spain, the United Kingdom and Switzerland have been targeted by hackers. The Monero cryptomining software was installed on these systems. Many systems were taken offline by the hacks. The first affected environment was the ‘Archer’ supercomputer environment of the University of Edinburgh.
Compromised accounts
The hackers gained access to the various supercomputer environments by stealing login passwords from compromised university networks in Poland and China. High-computing environments are often shared by multiple research institutes, which makes it fairly easy for malicious parties to gain access to these environments.
In two cases, hackers gained access to the systems by using a compromised SSH account and then using a vulnerability in the Linux kernel to gain root access. Afterwards, they installed Monero or XMR encryption software.
Profit is most likely reason for hack
The reason for the hack is unknown, but the most likely reason is to make a profit. With a supercomputer you can mine crypto currency much faster. Most of the affected supercomputer environments were used for coronavirus research and analysis at the time of the attacks. There’s a chance the hackers picked their targets because of the coronavirus investigation, making the possibility of an active state actor plausible.
11 hours ago
