HP-Branded Servers Hijacked to Mine $110,000 Price of Cryptocurrency

Hackers just lately took management of a bunch of HP-branded servers and used them to remotely mine a cryptocurrency referred to as raptorial, in line with reviews. This resulted in the compromised cluster of HP machines changing into the most important contributor to the entire mining pool of the cryptocurrency, permitting attackers to rake in $110,000 price. The cash is mentioned to have been mined between December 9 and December 17.

HP Servers Undergo Cryptojacking Assault

A gaggle of HP servers working for an undisclosed firm was attacked by hackers that managed to take management of the {hardware} and repurpose it to mine cryptocurrency. The crypto chosen by the hackers was referred to as raptorial, a coin within the high 1,000 by market cap that takes benefit of an algorithm referred to as Ghostrider, mixing PoW (proof-of-work) and PoS (proof-of-stake) consensus mechanisms.

The server cluster began mining raptorial on December 9, and on the time, it offered extra hash energy than all different events mixed on the Raptoreum blockchain. This allowed the attackers to rake in additional than $110,000 price of raptorial within the interval between December 9 and December 17.

The server group disappeared from the Raptoreun community on December 17, a sign that they may have been patched to get rid of the menace after it was detected.

Log4j Leveraged

The assault used a just lately found vulnerability referred to as Log4shell, which permits attackers to realize management of a system remotely. Log4shell makes use of Log4j, which is a registry library used broadly in Apache-based programs. This vulnerability was found in early December, and in this case, it was leveraged to go the execution of a crypto mining software program.

The vulnerability has been categorized as crucial by its discoverers resulting from how widespread its utilization is, even on the subject of huge operations like Microsoft and IBM. Whereas the software program has been patched in a few of its implementations, investigators are nonetheless discovering new methods during which it may be leveraged. It was just lately found that the software program can be weak to native assaults, which means that the servers could be executing code remotely without being related to the web.

In the course of the first half of this yr, cryptojacking assaults have decreased for the primary time since 2018, in line with a report titled “Cloud Thread Report,” issued by Unit 42, a safety consulting agency. Nonetheless, in a follow-up report, the agency additionally discovered that 63% of third-party code templates utilized in constructing cloud infrastructure contained insecure configurations that would result in dropping management of the {hardware}.

What do you concentrate on the assault on HP-branded servers to mine raptorial? Inform us within the feedback part beneath.