This week, several supercomputers across Europe were shut down for investigation after being infected with cryptocurrency-mining malware.

According to reports, hacking attempts were seen in countries such as the UK, Switzerland, and Germany. A similar incident also seems to have occurred on a high-performance device in Spain, as claimed by Felix von Leitner, a security researcher, in a blog post.

Details about the malware attack

The first reports of the attack came recently from the University of Edinburgh, which operates the ARCHER supercomputer. The organization's supercomputers experienced a “security exploitation in the ARCHER login nodes,” and were then officially shut down for investigation and to reset SSH passwords, protecting the system from further intrusions.

Additionally, bwHPC, an organization that coordinates research projects across the state of Baden-Württemberg, Germany, reported that five of its high-performance supercomputer clusters had to be shut down because of the malicious security incidents.

The five computing clusters are as follows:

  • The Hawk supercomputer at HLRS (High-Performance Computing Center Stuttgart) at the University of Stuttgart
  • The bwUniCluster 2.0 and ForHLR II clusters at Karlsruhe Institute of Technology (KIT)
  • The bwForCluster JUSTUS chemistry and quantum science supercomputer at Ulm University
  • The bwForCluster BinAC bioinformatics supercomputer at Tübingen University

(Source: ZDNet)

Other incidents occurred at the Leibniz Computing Center, which falls under the Bavarian Academy of Sciences, and at the Jülich Research Center, located in the town of Jülich in Germany.

According to Robert Helling, who delivered an analysis of the malware infecting devices at the Faculty of Physics at the Ludwig-Maximilians University in Munich, the malware is sophisticated.

On Saturday, May 16, 2020, the Computer Security Incident Response Team for the European Grid Infrastructure (EGI) released some malware samples and network indicators of compromise related to some of these incidents.