Supercomputers across Europe were hacked to exploit virtual money
The attack forced these supercomputers, including a supercomputer participating in research on Covid-19, to be shut down to conduct investigations and remediate consequences.
A series of supercomputers in Europe, including at least one supercomputer being used to study Covid-19, were shut down completely last week due to hackers secretly installing cryptocurrency mining malware. into these machines.
Starting early last week, ARCHER supercomputers in the UK and other high-performance computers in Germany and Switzerland have been shut down in response to this cyberattack. " We now believe this is a serious problem for the entire research community as a whole series of computers have been compromised in the UK and elsewhere in Europe ." The ARCHER managers said.
Although no organization has published details about the incident, the security research group CSIRT (Computer Security Incident Response Team) of EGI (European Grid Infrastructure) has revealed the source of the problem: a hacker group. stole remote access to these supercomputers to mine the Monero virtual currency.
To gain remote access, a hacker group first invades computers belonging to academic institutions that often use supercomputers to research. These computers often contain keys that allow Secure Shell (SSH) remote access to these high-performance computers.
" Attackers are moving from victim to victim using compromised SSH credentials ." EGI said. Tracking IP addresses to host attacks shows that they are from China, Poland and Canada, but connections seem to take place within the compromised computers or through servers belonging to about Tor Networks, so it is difficult to say exactly who was responsible for this incident.
Security firm Cado Security also investigated a sample of malware used in the attack, and found evidence that hackers have found a way to mine malware to mine their cryptocurrency on an American supercomputer.
Malware-infected supercomputers in Europe, meanwhile, are still trying to push hackers out of their systems. The ARCHER supercomputer, which has tools for researching Covid-19, hopes to be able to resume operations this week.
" When ARCHER returns to service, all users will be required to use two-factor authentication to access the service: an SSH key with a passphrase and their ARCHER password ." The supercomputer administrator said on Monday. " It is imperative that you do not reuse the password or the SSH key with the previously used passphrase ."
Update 19 May 2020
You should read it
- 14 cryptocurrencies, the most popular digital currency today
- Prosecuting two directors of virtual money bitcoin
- How to Properly Evaluate Crypto Betting Sites
- The exchange crashed, turning many virtual currency investors into USD billionaires in a few hours
- ICP Just appeared 1 day, the infinity virtual currency is causing market fever
- Things You Can Do to Protect Yourself from Cyberattacks
- Ethereum phishing attacks help criminals earn $ 15,000 in 2 hours
- What is virtual memory? How to set Virtual memory for Windows computers
- Intel launched a super-saving computer model priced from 3 million
- Top best virtual RAM creation software on today's computer
- Prosecuting two directors for bitcoin business
- Is it good to use USB as a virtual memory for the computer?
Maybe you are interested
Enable or disable Secure Boot via the ASUS UEFI BIOS utility How to temporarily lock the computer when entering the wrong password many times How to Add a Password to a .Bat File How to use ASCII characters to create strong passwords How to prevent DDoS attack with Nginx Techniques to exploit buffer overflows: Organize memory, stack, call functions, shellcode