- Supercomputers in EU nations infected with mining malware. Some researchers found the first case in the ARCHER supercomputer.
- On Monday, hackers used malware to infect the supercomputer of the University of Edinburgh.
Supercomputers in EU nations have been infected with mining malware. Some researchers found the first case in the ARCHER supercomputer. On Monday, hackers used malware to infect the supercomputer of the University of Edinburgh. Now, the organization will reset the SSH password as they noticed
security exploitation on the ARCHER login nodes. They will also make an investigation to know the source of intrusions. On the same day, supercomputers were infected in Baden-Württemberg, Germany. They also had to shut down their high-performance computing clusters. The same type of malware-infection is possible in a high-performance computing center located in Spain.
The security researcher Felix von Leitner claimed that there are some serious security issues in supercomputers in Barcelona, Spain. As a result of Mining malware attacks, researchers of the center have shut down these supercomputers. As a preventive measure, the Swiss Center of Scientific Computations (CSCS) in Zurich, Switzerland stopped all external access. Researchers of the center have decided to shut down these supercomputers until they find a safe environment. Leibniz Computing Center (LRZ), an institute under the Bavarian Academy of Sciences also experience security breaches in their supercomputers. As a result, they have also disconnected a computing cluster from the internet.
SSH Logins and Mining Malware
No organization around the world has given any details about the intrusions in Supercomputers. However, The German scientist Robert Helling published an analysis regarding the malware that has infected so many supercomputers around Europe. Other than that, Computer Security Incident Response Team (CSIRT) released the sample of the malware and stated signs of a compromised system after the attacks of the mining or other malware.
According to Cado Security, a US-based cyber-security firm, the hackers may have gained access to these supercomputers via compromised SSH credentials. The firm further stated that these hackers stole credentials from university members. After gaining root access, they deploy an application in supercomputers to mine Monero (XMR) cryptocurrency.