
Cryptocurrency Worth $110,000 Mined Via Hijacked HP Servers

  • Attackers hijacked a group of HP servers and used them to mine a cryptocurrency known as raptoreum, according to reports.
  • As per the report, the attackers swept over $110,000 worth of digital assets through the hijacking.
  • The hijackers used a vulnerability known as Log4shell, which enabled them to take control of the systems remotely.

A group of HP servers was compromised by hijackers and then used to mine a cryptocurrency named raptoreum, according to reports. The group of HP servers became the largest contributor to the digital asset's overall mining pool, enabling the hijackers to sweep $110,000 worth of raptoreum.

Cryptojacking Experienced by HP Servers

A cluster of HP servers operated by an undisclosed organization was hijacked by attackers, who took control of the hardware and redirected it to mining cryptocurrency. The digital asset the hijackers chose was Raptoreum. The coin is among the top 1000 cryptocurrencies in the market and uses an algorithm known as Ghostrider, which mixes proof of stake and proof of work. The primary reason the hijackers chose the HP servers is their AMD processors, which suit Ghostrider because of their sizable L3 cache. Raptoreum is profitable to mine on AMD's expensive Epyc CPUs because of their 256 MB of cache on models with 32 or more cores.

The group of HP servers began mining raptoreum on 9th December, and while active it contributed more hash power than all the other parties on the raptoreum blockchain combined. This enabled the hijackers to sweep $110,000 worth of raptoreum in the span of 9 days, from 9th December to 17th December.

The group of servers vanished on 17th December, indicating that they may have been patched to end the threat once it was detected.

Log4j Leveraged

The hijackers used a recently discovered vulnerability known as Log4shell, which enabled them to take control of the systems. Log4shell exploits Log4j, a logging library used broadly in Apache-based systems. The vulnerability was found at the start of December and was leveraged in this case to run crypto mining software.

The discoverers of the vulnerability rated it as critical because of how widely the library is used, even in huge operations such as IBM and Microsoft. Some implementations of the software have been patched, and investigators are still looking for new ways in which it can be leveraged. Another recent discovery is that the software is vulnerable to local attacks too, which means code can be executed on servers remotely even in the absence of an Internet connection.

Cryptojacking attacks declined for the first time in the first half of 2021, according to the 'Cloud Threat Report' issued by Unit 42, a security advisory organization. Meanwhile, the follow-up report also found that 63% of the third-party code templates used to build cloud infrastructure contained unsafe configurations that could lead to loss of control over the hardware, increasing the probability of losing equipment.
