European Supercomputers Latest Victims in Cryptomining Hacks Author: Ali Raza Last Updated: 18 May 2020 Cryptomining hacks have been in the world for quite a length of time. It’s just one of those eventualities that came from the crypto industry developing. However, there’s a new trend that’s causing a lot of worry around the globe. According to reports issued out by ZDNet, criminal actors have managed to infect multiple supercomputers across Europe with a mining malware for Monero. They’ve been doing this for the past week, aiming at things like ARCHER, the University of Edinburgh’s computer network. More victims on the list include five computer clusters of bwHPC within the Ludwig-Maximilians University in Munich. Attacks From Chinese IP Addresses The hacking of supercomputers, in general, is concerning in and of itself, but there seems to be something in common between these hacks. Cado Security, a cybersecurity firm, has concluded that these attacks were conducted through the use of a compromised SSH (secure shell) login within universities of China, Canada, and Poland. They were all done through the use of similar malware file names, shared the same technical indicators, and used the same vulnerabilities. This trend suggests that it’s a conscious effort from a single criminal actor. What’s troubling is that the attack on ARCHER signified a Chinese IP address as the source thereof. The Many Concerns Should this be a deliberate attack on the supercomputers of Europe, it’s as of yet unclear as to what the motivations could be. It’s speculated that it’s a pure cash grab, relying on the computing power of the supercomputer networks to mine digital currencies with greater efficiency than regular PCs. However, Cado took notice of the fact that these hacks came just as many institutions were starting to repurpose their various supercomputers to prioritize research for the COVID-19 pandemic. As such, concerns have been raised that this is an indirect method of stealing or otherwise disrupting research. Regardless of the reasoning, these attacks could not happen at a worse time, as all supercomputer operators are needed to serve to handle the ongoing pandemic. Disruptions Cost Lives The COVID-19 pandemic has caused a lot of chaos in the world, particularly in the financial sector. Most of the global economies have started to nosedive as terrified investors scrambled to get liquidity for the perceived trying times. While many countries are trying to counteract it, it will probably remain so until someone develops a vaccine. Supercomputers like these help streamline the process to be far quicker than before. Disrupting this workflow could potentially cause the deaths of many people who would’ve been vaccinated by the time they got it, themselves.