Mining Archives – Gridinsoft Blog https://gridinsoft.com/blogs/tag/mining/ Welcome to the Gridinsoft Blog, where we share posts about security solutions to keep you, your family and business safe. Thu, 15 Jul 2021 16:10:45 +0000 en-US hourly 1 https://wordpress.org/?v=93257 200474804 Ukrainian law enforcement discovered a mining farm consisting of thousands of PlayStation 4 consoles https://gridinsoft.com/blogs/ukrainian-mining-farm/ https://gridinsoft.com/blogs/ukrainian-mining-farm/#respond Thu, 15 Jul 2021 16:10:45 +0000 https://blog.gridinsoft.com/?p=5706 Last week, Ukrainian law enforcement officers discovered a huge mining farm in Vinnytsa after they noticed a large-scale electricity leak. It turned out that the attackers mined cryptocurrency right in one of the former warehouses of Vinnitsaoblenergo JSC, having illegally connected to the network. Law enforcers say that this is an illegal mining farm they… Continue reading Ukrainian law enforcement discovered a mining farm consisting of thousands of PlayStation 4 consoles

The post Ukrainian law enforcement discovered a mining farm consisting of thousands of PlayStation 4 consoles appeared first on Gridinsoft Blog.

]]>
Last week, Ukrainian law enforcement officers discovered a huge mining farm in Vinnytsa after they noticed a large-scale electricity leak. It turned out that the attackers mined cryptocurrency right in one of the former warehouses of Vinnitsaoblenergo JSC, having illegally connected to the network.

Law enforcers say that this is an illegal mining farm they discovered on the territory of the country: as a result, almost 5,000 pieces of equipment were seized. So, during searches at farm and at the address of residence of its organizers, 3,800 game consoles were seized (as you can see in the photo, this is a PlayStation 4), more than 500 video cards, 50 processors, as well as documentation on electricity consumption accounting, phones, flash drives and so on.

Ukrainian mining farm

According to preliminary data, the sum of losses from the operation of such a farm could be from 5 to 7 million UAH ($183-256 thousand) per month. At the same time, the “leakage” of such an amount of electricity could lead to poor consequences, for example, some quarters of Vinnitsa could remain without electricity.

Representatives of Vinnitsaoblenergo JSC have already stated that the company had nothing to do with an illegal farm, and “equipment designed for cryptocurrency mining has never worked in the premises belonging to the company”.

Interestingly, the local media writes that law enforcement officers most likely found not a mining farm, but a farm of game bots (hence the abundance of PlayStation 4 Slim, which are not very good for mining), which, for example, could grind the in-game currency and upgrade accounts for the football simulator FIFA.

Users of Western resources noted that the photo shows PS4 Slim, which are extremely ineffective for mining cryptocurrency due to their low capacity. They say that for such an operation it would be more expedient to use the PS4 Pro. In addition, there were disks sticking out of the consoles, well, it didn’t fit in with the cryptocurrency version.Ukrainian media write.

The SBU representatives confirmed that the attackers bred bots to sell accounts in FIFA 21. The bots actually earned in-game currency during the time spent in the game, then to spend it on cards with football players in Ultimate Team mode, and then they sold accounts with decent sets of rare cards at various trading platforms. And such a product is in great demand, because the legal receipt of the strongest cards requires tenfold, even hundredfold higher sums compared to a quick purchase of an already pumped account.

It is still unknown whether the owners of the bot farm managed to recoup their investments – more than 30,000,000 hryvnia (more than $1 million) were spent on the consoles only, not forgetting about half a thousand video cards.

Criminal proceedings under Part 2 of Art. 188-1 (theft of water, electrical or thermal energy through its unauthorized use) has already been opened. Attackers face up to three years in prison.

Let me remind you that I also talked about the fact that the Ukrainian cyber police in cooperation with Binance detained operators of 20 cryptocurrency exchangers.

The post Ukrainian law enforcement discovered a mining farm consisting of thousands of PlayStation 4 consoles appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/ukrainian-mining-farm/feed/ 0 5706
Microsoft warns of mining attacks on Kubernetes clusters https://gridinsoft.com/blogs/mining-attacks-on-kubernetes-clusters/ https://gridinsoft.com/blogs/mining-attacks-on-kubernetes-clusters/#respond Thu, 10 Jun 2021 20:33:24 +0000 https://blog.gridinsoft.com/?p=5577 Microsoft has warned of ongoing attacks on Kubernetes clusters running Kubeflow (an open source project that allows running super powerful machine learning computing on top of Kubernetes clusters). Criminals use them to deploy malicious containers that mine Monero and Ethereum cryptocurrencies. Researchers say the attacks appear to be a continuation of a campaign that was… Continue reading Microsoft warns of mining attacks on Kubernetes clusters

The post Microsoft warns of mining attacks on Kubernetes clusters appeared first on Gridinsoft Blog.

]]>
Microsoft has warned of ongoing attacks on Kubernetes clusters running Kubeflow (an open source project that allows running super powerful machine learning computing on top of Kubernetes clusters).

Criminals use them to deploy malicious containers that mine Monero and Ethereum cryptocurrencies.

Researchers say the attacks appear to be a continuation of a campaign that was discovered last April. Although that campaign peaked in June and then dwindled, new attacks began in late May 2021 when researchers noticed a sudden increase in deployments of the open source machine learning library TensorFlow, adapted for mining.

This is not the first time we see attackers use legitimate images for running their malicious code. Particularly in this case, the existence of TensorFlow images in the cluster makes a lot of sense: It’s not uncommon to find TensorFlow containers in a ML workload. If the images in the cluster are monitored, usage of legitimate image can prevent attackers from being discovered.Report Microsoft researchers.

In this case, deployments in different clusters occurred simultaneously.

The burst of deployments on the various clusters was simultaneous. This indicates that the attackers scanned those clusters in advance and maintained a list of potential targets, which were later attacked on the same time.specialists write.

Although the pods used by the hackers were taken from the official Docker Hub repository, they were modified to mine cryptocurrency. At the same time, all pods are named according to the sequential-pipeline-{random pattern} pattern, which now makes it quite easy to detect possible compromises.

attacks on Kubernetes clusters

According to the company, in order to gain access to clusters and deploy miners to them, attackers search the network for incorrectly configured and publicly available Kubeflow dashboards that should be open only for local access.

Attackers deploy at least two separate modules on each of the compromised clusters: one for CPU mining and the other for GPU mining. So, XMRig is used to mine Monero using a CPU, and Ethminer is used to mine Ethereum on a GPU.

Microsoft recommends that administrators always enable authentication on Kubeflow dashboards if they cannot be isolated from the internet and control their environments (containers, images, and the processes they run).

Let me remind you that I wrote that Microsoft developed a SimuLand lab environment for simulating cyberattacks.

The post Microsoft warns of mining attacks on Kubernetes clusters appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/mining-attacks-on-kubernetes-clusters/feed/ 0 5577