It seems as though some hackers got into the University of Edinburgh's ARCHER supercomputer, forcing administrators to recently shut it d own and look into the attack. It's forced them to reset all SSH passwords, too.
Computer Security Incident Response Team (or CSIRT for short) for the European Grid Infrastructure (EGI) have released samples of the malware used, as well as network compromise indicators for some of the hacks on the ARCHER supercomputer. Other security researchers have since reviewed the samples and said hackers were successful in their infiltration of the ARCHER supercomputer through compromised SSH credentials.
ZDNet reports that the first report of an attack on ARCHER on Monday, reporting a "security exploitation on the ARCHER login notes". System administrators quickly shut the ARCHER supercomputer down, and reset SSH passwords to stop future attacks.
ZDNet was told by Cado Security that the crafty hackers seem to have used an exploit for CVE-2019-15666 in order to gain root access, deployed an application onto the ARCHER supercomputer, which then saw its immense computational horsepower used to mine the Monero (XMR) cryptocurrency.
You can read more on the attack here.
- > NEXT STORY: This immune system finding could save many coronavirus patients lives
- < PREVIOUS STORY: Ex-WHO boss: coronavirus could 'burn out naturally', no vaccine needed