Hacker Hijacks HP AMP EPYC Servers For Raptoreum Crypto Mining


It didn’t take long for hackers to weaponize a critical Java vulnerability for profit. Using the Log4J exploit, an unidentified actor managed to wrestle control of HP’s AMD-based 9000 EPYC servers, turning the powerful hardware into cryptocurrency miners. The feat provoked a doubling of the hash rate for the CPU-based cryptocurrency Raptoreum (RTM) from 200 MH/s to 400 MH/s before most of the exploited machines were brought offline.

Log4J is a Java vulnerability recently outed as part of the famous Apache suite and merited the highest-possible threat classification (10) under the “CVSS 3.0” guidelines. This is because the exploit doesn’t require physical access and allows for escalation of privileges to trick the system into connecting to, downloading, and running malware from a hacker-controlled server. Several software providers have patched the vulnerability, but that wasn’t the case for HP’s EPYC 9000 machines.



Read More: Hacker Hijacks HP AMP EPYC Servers For Raptoreum Crypto Mining

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments