According to reports, hackers recently gained remote control over a number of HP-branded servers and used them to mine a cryptocurrency called Raptoreum. The compromised HP cluster became the largest contributor to the entire cryptocurrency mining pool, which allowed the attackers to make $110,000. The coins are believed to have been mined between December 9 and 17.
HP Servers Suffer Cryptojacking Attack
Hackers took control of a group of HP servers that were being used by an unnamed company and repurposed the hardware to mine cryptocurrency. They chose Raptoreum, a cryptocurrency in the top 1,000 by market cap. The hacker group used Ghostrider (proof-of-work and proof-of-stake consensus).
This server cluster, which began mining Raptoreum on December 9, contributed more than every other Raptoreum party combined. In the 12 months between December 9th and December 17, the attackers made more than $110,000 worth of Raptoreum.
Raptoreum's network was wiped out by the server group on December 17. This suggests that the cluster could have been fixed to remove the threat.
Log4j Leveraged
Log4Shell is a recently discovered vulnerability that gives attackers remote control over a system. It exploits Log4j, a logging library that is widely used in Apache-based systems. The vulnerability was found in December and was exploited to execute crypto-mining software.
Because of its widespread use, the vulnerability was deemed critical by researchers. This is despite its use in large operations such as Microsoft or IBM. Even though the problem has been addressed in some instances of the software, investigators are still studying it to discover new ways that it can be exploited. The software was also susceptible to local attacks. This means that code could be executed on servers remotely even if they are not connected to the internet.
During the first half of this year, cryptojacking attacks decreased for the first time since 2018, according to a report titled “Cloud Threat Report,” issued by Unit 42, a security consulting firm. The firm found that 63% of the third-party code templates used to build cloud infrastructure had insecure configurations, which could result in losing control over the hardware.