A series of supercomputers from different regions in Europe have been hacked by attackers to mine Cryptocurrency. These computers are infected by cryptocurrency mining malware and many of them were shut down to investigate the issue.
The first-ever report comes from the University of Edinburgh. Their ARCHER supercomputer has been affected by the malware and the officials shut down the ARCHER system to investigate the issue. They have also reset SSH passwords to prevent further attacks.
As of now, the attack has been reported in various countries including Germany, Switzerland, and the UK.
Five high-performance computing clusters from bwHPC was shut down due to the same reason. Below given are the computers shut down due to the same reason.
- The Hawk supercomputer at the High-Performance Computing Center Stuttgart (HLRS) at the University of Stuttgart
- The bwUniCluster 2.0 and ForHLR II clusters at the Karlsruhe Institute of Technology (KIT)
- The bwForCluster JUSTUS chemistry and quantum science supercomputer at the Ulm University
- The bwForCluster BinAC bioinformatics supercomputer at the Tübingen University
bwHPC is an organization that coordinates research projects across supercomputers in Baden-Württemberg, Germany,
Apart from these a number of other incidents were also reported.
- A supercomputer housed in Barcelona, Spain.
- Leibniz Computing Center (LRZ), Bavarian Academy of Sciences
CSCS in Zurich had also shut down external access to their supercomputer infrastracutre
How attackers gained access to the system?
After analyzing the sample given by the Computer Security Incident Response Team (CSIRT) for the European Grid Infrastructure (EGI), a pan-European organization that coordinates research on supercomputers across Europe, a cybersecurity firm, Cado Security has said that it is via compromised SSH credentials that attackers managed to gain access to the computers.
Almost no organization shared any detailed information regarding the intrusion as of now.