European supercomputers hacked to mine Monero

Posted on Monday, May 18 2020 @ 11:02 CEST by Thomas De Maesschalck
ZD Net reports multiple European supercomputers have been temporarily shut down after the discovery of security breaches. The report discusses security incidents in the UK, Germany, and Switzerland, as well as a possible case in Spain. It appears attackers have managed to hijack SSH logins. Once they gained access to the computing node, they exploited a Linux kernel vulnerability (CVE-2019-15666) to gain root access to deploy a Monero cryptocurrency miner:
The credentials appear to have been stolen from university members given access to the supercomputers to run computing jobs. The hijacked SSH logins belonged to universities in Canada, China, and Poland.

...

According to Doman's analysis, once attackers gained access to a supercomputing node, they appear to have used an exploit for the CVE-2019-15666 vulnerability to gain root access and then deployed an application that mined the Monero (XMR) cryptocurrency.


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments