Hackers made $110,000 mining remotely on hijacked HP servers

[mongeese]

In brief: Between December 9 and 17, a data center of HP servers was the largest contributor to the Raptoreum cryptocurrency’s blockchain. At its peak, the center’s output exceeded that of every other mining system combined. A later investigation found that the servers were most likely under the control of hackers during the period, who would have made approximately $110,000.

At present, the company whose servers were hacked hasn’t made itself known. They’re likely one of the hundred or so major computing groups that have reported themselves as victims of the viral Log4J vulnerability this month, whose number include Amazon, IBM, and Microsoft.

The Log4J vulnerability was found in early December to enable the remote execution of arbitrary code, even on systems running as a localhost with no external connections. It’s since broadly been patched, although it continues to plague servers in niche circumstances.

It was the sudden disappearance of the HP server group on December 17 indicating that the servers had been patched which revealed they were being used non-consensually. One of them, though, has been continuing to mine; possibly it failed to patch, or else it’s being kept as a honeypot.

All of this information is viewable through the Raptoreum blockchain. Its developers are bringing attention to it to dispel the rumor that Raptoreum is unstable. Raptoreum’s base algorithm, GhostRider, is a proof-of-work and proof-of-stake blend that’s intentionally resistant to accelerators and other causes of instability.

GhostRider is particularly fond of AMD CPUs because of their large L3 cache. Raptoreum is surprisingly profitable on AMD’s pricy Epyc server CPUs because of their 256 MB of cache on models with 32 or more cores. This likely prompted the hackers to target the HP servers, which were found in an informal investigation conducted by Raptoreum’s developers to be 9000-series and using Epyc processors.

During the period in which the HP servers were mining, the address they belonged to accumulated about 30% of the total block reward or 3.4 million RTM. It was worth around $110,000 when the hackers sold half of it on CoinEx but the half they’ve kept has slightly decreased in value since.

Masthead credit: Lars Kienle

Permalink to story.

https://www.techspot.com/news/92745-hackers-made-110000-mining-remotely-hijacked-hp-servers.html

 

[QuantumPhysics]

Mining at Work or mining using someone else's resources - stealing energy and computing time is an old trick.

Lawmakers need to deal with cryptocurrency thieves harshly and immediately.

 

[Cycloid Torus]

Human parasites. Might be a good use for Ivermectin.

 

[ScottSoapbox]

I need to consider changing to hacking for a career. That's four months' salary right there and they did it a week.

I blame my high school guidance counselor for leading me astray.

 

[yeeeeman]

Mining needs to become illegal. In any case mining doesn't make anything useful and the value is mostly based on market feeling

 

[TeamTech]

Mining needs to become illegal. In any case mining doesn't make anything useful and the value is mostly based on market feeling

So by your thinking Gaming as well should be illegal. Gaming doesn't make anything useful and the value is based on market feeling.

 

[bexwhitt]

So by your thinking Gaming as well should be illegal. Gaming doesn't make anything useful and the value is based on market feeling.

Gaming doesn't take a noticeable percentage of the world resources to count arbitrary calculations, but the blockchain will die by itself once bitcoins have been mostly mined.

 

[kiwigraeme]

Mining at Work or mining using someone else's resources - stealing energy and computing time is an old trick.

Lawmakers need to deal with cryptocurrency thieves harshly and immediately.

I sold my accommodation business - a backpackers - but I did wonder about EVs - there have been stories from years ago - I people parking say close to some facility and hooking up to an external outlet - to think in my travels in the 90s - I use to feel guilty recharging my music player in a library - roll forward - libraries are full of people with laptops , phones charging , I never did anything wicked like ripping CDs, DVDs in libraries - I did see someone get told off doing this . My main bugbear is someone watching pron in a library - always snitch on them - esp. when they don't even try to hide the fact - and they don't look mentally ill- librarians are too nice - some of them should be on a list - as they know kids etc will walk by

 

[Nobina]

It's all HP servers are good for.

 

[Neatfeatguy]

Raptoreum.....that crypto coin isn't worth much since it just started and it seems to be going downhill still.

From what I can gather, raptoreum likes L3 cache. The more you got, generally the more you mine. In what I've seen myself, my 5900x can mine around 40 raptoreum coins a day. I think I mined around 1200 coins, but stopped about mid December, so I don't know if things have changed.

Uptick in Raptoreum mining was reported to be seen around December 9th and through the 17th, when the servers were pulled off line and/or the Log4J vulnerability was patched.

Average price of Raptoreum during that stretch of time was around $0.027168.
So, $110,000 means roughly 4 million coins were mined.

If I can pull off around 40 coins a day and I wanted to mine 4million coins, that would take me around 100,000 days or almost 274 years.

Holy crap, that's a lot mining power they syphoned off those servers. That's pretty impressive, if you ask me.