In a startling but unfortunate incident, hackers took control of HP-branded servers to remotely mine crypto. They compromised a cluster of HP machines, mining over $110,000 worth of crypto.
The hackers managed to take control of the hardware and program it to mine crypto. Moreover, they selected Raptoreum as the crypto for mining.
Raptoreum is a coin in the top 1,000 by market cap. However, that isn’t the only reason for choosing it. As a matter of fact, Raptoreum takes advantage of an algorithm called Ghostrider.
Ghostrider is a blend of PoW (proof-of-work) and PoS (proof-of-stake) consensus mechanisms. The server cluster started this illegal operation on 9th December. An interesting fact is that the cluster provided more hash power than all other parties on the Raptoreum blockchain combined.
All in all, hackers were able to take in more than $110,000 worth of Raptoreum between 9th and 17th December.
Following that, the server group disappeared from the network, showing that hackers preprogrammed the patch to eliminate the threat after detection.
This attack took advantage of the vulnerability known as Log4Shell. Log4Shell allows attackers to gain unauthorized access to a system remotely. Basically, Log4Shell exploits Log4j, a logging library widely used in Apache-based systems.
Many discovered this vulnerability earlier this week, and attackers leveraged it to execute crypto mining software.
Big Tech companies such as Microsoft and IBM are aware of this vulnerability and have classified it as critical. Although some implementations have patched the vulnerability, investigators are still searching for new ways to address it.