Several cases of supercomputer infection have been reported in Europe. Cryptocurrency mining malware has been detected on these systems. The supercomputers have been shut down while investigating. The Ukrainian government recently announced plans to use power from its power plants to mine cryptocurrency. Until now, the exploitation of these infrastructures has been mainly the result of malicious acts. Moreover, these cybercrime operations are on the increase in Europe. They mainly target supercomputers.
These high-performance systems have a very large computing power. They are therefore of obvious interest for crypto-mining. Stolen credentials to connect to supercomputers Several security incidents have been reported on the Old Continent. This is the case in the United Kingdom, Germany and Switzerland, in particular. Suspected hacking of a supercomputer in Spain is also raised. The first case was identified early last week. The attack hit the ARCHER supercomputer at the University of Edinburgh in Scotland. In Germany, five high performance computing clusters also had to be shutdown due to a security incident.
And other similar attacks have been reported by security researchers and IT infrastructure operators. Each time, the attackers had access to the systems thanks to compromised SSH identifiers. If the details of the intrusions are not specified, a European body overseeing research on supercomputers (the European Grid Infrastructure) has gathered information. Malware samples and network compromise indicators have been released. I
ntrusions exploited to mine Monero Cybersecurity company Cado Security said hackers took advantage of compromised SSH logins to connect to supercomputers. These access codes were allegedly stolen from researchers carrying out work on these computing systems. There are indications that the same group of hackers may have been behind these attacks.
And these intrusions therefore allowed the exploitation of a vulnerability in order to install cryptocurrency mining software, in this case Monero (XMR). These targeted attacks are not a first, however. However, they were the work of employees and not the result of outside intrusions. In February 2018, the Russian authorities, for example, arrested engineers from the Russian Nuclear Center. The latter hijacked a supercomputer for crypto-mining. In the same year, it was the Australian Meteorological Bureau that found a similar crime involving some of its employees.