Multiple supercomputers across Europe have been infected this week with cryptocurrency mining malware and have shut down to investigate the intrusions.
Security incidents have been reported in the UK, Germany, and Switzerland, while a similar intrusion is rumored to have also happened at a high-performance computing center located in Spain.
The first report of an attack came to light on Monday from the University of Edinburgh, which runs the ARCHER supercomputer. The organization reported "security exploitation on the ARCHER login nodes," shut down the ARCHER system to investigate, and reset SSH passwords to prevent further intrusions.
The bwHPC, the organization that coordinates research projects across supercomputers in the state of Baden-Württemberg, Germany, also announced on Monday that five of its high-performance computing clusters had to be shut down due to similar "security incidents." This included:The Hawk supercomputer at the High-Performance Computing Center Stuttgart (HLRS) at the University of Stuttgart The bwUniCluster 2.0 and ForHLR II clusters at the Karlsruhe Institute of Technology (KIT) The bwForCluster JUSTUS chemistry and quantum science supercomputer at the Ulm University The bwForCluster BinAC bioinformatics supercomputer at the Tübingen University
Reports continued on Wednesday when security researcher Felix von Leitner claimed in a blog post that a supercomputer housed in Barcelona, Spain, was also impacted by a security issue and had been shut down as a result.
More incidents surfaced the next day, on Thursday. The first one came from the Leibniz Computing Center (LRZ), an institute under the Bavarian Academy of Sciences, which said it was disconnected a computing cluster from the internet following a security breach.
The LRZ announcement was followed later...