Many Supercomputers Hacked Across Europe
Hackers have managed to take over many supercomputers across Europe along with crypto-miners. Supercomputers in many countries from Spain to Switzerland have been the target of attackers.
In the past, supercomputers were used by company employees for cryptocurrency mining in illegal ways. But for the first time, hackers managed to carry out the same operation on a wide scale, showing that supercomputers could also be hacked.
The hackers, who cannot be identified, installed cryptocurrency mining malware on supercomputers in many parts of Europe, including high-performance computing facilities in the UK, Switzerland, Germany and Spain, according to the Hack Read. The supercomputers that the investigation was in had to be shut down.
The first supercomputer hacking incident occurred at the University of Edinburgh, which included the supercomputer called ARCHER. When it was observed that the logic node of the supercomputer was being detonated by someone, the Secure Shell (SSH) password was turned off after being reset.
A similar incident was reported on Monday by bwHPC, which coordinated research projects on supercomputers located in Baden-Württemberg, Germany. As a result, the bwunicluster 2.0 and ForHLR II clusters from the Karlsruh Institute of Technology, the bwforcluster Justus chemistry and quantum science supercomputer from the University of Ulm, the bwforcluster BinAC bioinformatics supercomputer from the University of Stuttgart, and the Hawk supercomputer from the University of Stuttgart shut down.
Security researcher Felix Von Leitner stated that a supercomputer based in Barcelona, Spain, was also affected by these events. Such events continued to occur with Leibniz Computer Center reporting a security issue. German scientist Robert Helling said on Saturday that the high-performance computer cluster at Ludwig-Maximilians University was also affected, turning off external access points on the supercomputer of the Swiss Center of Scientific Computations.
The organizations have not reported any details on their investigations, although many supercomputers across Europe have been affected by these events. It is claimed that the reason for these events on a large scale in supercomputers is SSH entries whose privacy has been violated.
US-based cyber security firm Cado Security, which has examined some examples of malware and hidden networks, said attackers might have accessed supercomputers with SSH credentials. It was stated that this information could be stolen from university members who have access to computers.
Cado Security co-founder Chris Doman stated that the hacker can gain root access by exploiting a CVE-2019-15666 vulnerability after gaining access to the supercomputing network, and then installing the application for Monero cryptocurrency mining.
Perhaps the main interesting point of all this happened was that all of the compromised supercomputer networks are being used in COVID-19 outbreak investigations already in progress.