Compromised SSH credentials allowed a criminal group to install malware on multiple supercomputers.
Multiple supercomputer clusters across Europe have been breached and used by hackers to mine cryptocurrency.
According to a ZDNet report, researchers from facilities in Germany, Switzerland, the UK and Spain have all reported intrusions. The process of "mining" sees individuals or groups compete to solve advanced mathematical puzzle, with a quantity of cryptocurrency awarded to the successful party. The process is compute-intensive, which means the more powerful the hardware the more likely the miner to receive a cryptocurrency reward - which makes supercomputers a prime target for hacking attempts.
The University of Edinburgh, which runs the ARCHER supercomputer, was the first to notify the public of the breach. Soon after, five supercomputing clusters in Germany were forced offline for the same reason, followed by a supercomputer in Barcelona.
As the weekend progressed, further operators across Germany and Switzerland revealed their fleets of supercomputers had also suffered the same variety of attack. While it is not clear precisely how the attacks were conducted, it is thought it all began with compromised SSH credentials, stolen from universities in Canada, China, and Poland. There is no hard evidence that all attacks were conducted by the same cybercriminal group, but security researchers believe this might have been the case, given the similarity in malware samples.