Security researcher finds an illegal crypto-mining botnet that has infected a web server of the US Department of Defense
A security researcher discovered a botnet on a web server operated by the US Department of Defense; the botnet was using the server to mine the cryptocurrency Monero unnoticed. The Indian security researcher Nitesh Surana had already revealed the exploit on January 4 on the website HackerOne. He discovered that it was possible to access the server without a password. The Department of Defense then secured the vulnerable server.
However, the server had already been compromised before the vulnerability was found: “The main effect of this vulnerability is that an attacker can exploit the vulnerability and gain access to critical internals of the server,” wrote the security researcher in his report to the US Department of Defense. As a result, an attacker can use the Java programming language to execute remote commands on the server and upload any file.
If an attacker uploads a file that attacks the server and gives the attacker complete control over it, “this can later lead to a critical information leak and other catastrophic events, as the instance can be manipulated by the attacker’s abilities,” Surana said. However, the US Department of Defense acted quickly and was recently able to close the gap once and for all, eliminating the problem.
This is not the first time that someone has used state infrastructure to mine cryptocurrencies. Last year, employees of a Russian nuclear warhead facility were fined for illegally using the department’s supercomputer to mine Bitcoin. The computer has a performance of one petaflop, which corresponds to a thousand trillion operations per second.