Well, we've seen past stories on viruses co-opting Raspberry Pi units to mine cryptocurrency, and websites mining a few coins on their viewers' systems, but it took some crafty boffins in Russia to really give the issue some scale. International Business Times has the story, dated 9 Feb 2018...
Russian security officials arrested a number of scientists working at a secret Russian nuclear weapons facility for allegedly using lab equipment to mine for cryptocurrencies, according to Russia's Interfax News Agency.
[The facility's computers are] supposed to be isolated; they are kept disconnected from the internet in order to prevent any outside intrusion or hacking efforts. That was violated by the engineers who decided to use the supercomputer rigs to mine for cryptocurrency.
Mining for cryptocurrency requires a considerable amount of processing power—something the average computer might struggle to provide but a supercomputer designed for work on nuclear weapons surely has the capacity for.
The story does not specify the cryptocurrency or cryptocurrencies the scientists were trying to mine, nor whether any mining was successful.
Related Stories
HotHardware.com is reporting that there's a Linux malware in the wild that takes over Raspberry Pi devices and uses them to mine for cryptocurrency...
Linux.MulDrop.14 [scans] for RPis with an open (and default) SSH port, the "pi" user is logged into (if the password is left default), and the password is subsequently changed. After that, the malware installs ZMap and sshpass software, and then it configures itself... to make digital money for someone else, namely the author or the malware, using your Raspberry Pi.
The article focuses on how much your power bill will go up in the course of making money for someone else due to the 100%-CPU-usage nature of mining software.
The existence of such a malware raises the question: Are there enough Raspberry Pi devices connected to the network, but not really monitored, such that there are enough to mine a single unit of cryptocurrency? ARM dev boards are not known for processing power, and the RPIs are no exception.
On the subject of default root passwords for devices intended to be connected to Internet, must this be the case with the RPI, or could they take the route of having an actually installable GNU/Linux instead of an image of an already installed system with insecure passwords?
Motherboard writes about dodgy, javascript-using web sites which are throwing a little extra CPU load onto visitors and hoping they won't notice much.
Netlab 360's analysis suggests that in-browser cryptocurrency mining, which stormed back onto the world stage in 2017 after being dormant for several years (likely due to low cryptocurrency prices) via a torrent site is now chiefly the purview of porn sites. It's worth noting, too, that criminals have found some pretty creative ways to get people to mine cryptocurrency for them outside of website visits, including hacking an Argentine internet provider.
In-browser cryptocurrency mining has the potential to eat up your computer's resources and slow down your machine, making the trend of particular interest to cyber security researchers lately. Last year, Symantec predicted that in-browser mining would turn into an "arms race" in 2018 as malicious actors come up with even more inventive (and invasive) methods of mining digital coins with someone else's machine.
Source : Porn Sites Are Doing the Most Cryptocurrency Mining
(Score: 3, Interesting) by Gaaark on Saturday February 10 2018, @09:52PM (3 children)
Ha, that's great. I love it.
wish i'd thought of it
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 1) by Deeo Kain on Saturday February 10 2018, @10:33PM
They're going to be sent digging Uranium (a crypto-radiactive-coin) in Siberia.
(Score: 0) by Anonymous Coward on Saturday February 10 2018, @10:44PM (1 child)
Now you might be able, if the machine is still connected. Hack away!
(Score: 4, Funny) by Azuma Hazuki on Sunday February 11 2018, @03:37AM
Roses are red, comrade
Violets are blue
In post-Soviet Russia
Bitcoin mines YOU
(sorry, I couldn't resist...where else but Siberia would you get a snow-clone like that?)
I am "that girl" your mother warned you about...
(Score: 3, Interesting) by Ethanol-fueled on Saturday February 10 2018, @10:45PM (13 children)
Actually it raises a broader question - how many people or organizations have used supercomputer/cluster time for the specific and legitimate purpose of mining cryptocurrency? Looks like I'd better dig that old SGI cluster out of the closet and get crackin'.
(Score: 2) by requerdanos on Saturday February 10 2018, @10:53PM (5 children)
I have been thinking that I am very moral and upstanding. But I must confess that if I worked in a lab with supercomputers, and read this article, it would set the wheels in my brain turning in the direction of finding some reason to "research" a CPU-mined cryptocurrency to extend scientific knowledge in that area. (I'll even contribute the wallet to use; here is its payment address...)
(Score: 4, Funny) by Ethanol-fueled on Saturday February 10 2018, @11:05PM (4 children)
It seems like just another case of the rich becoming richer, unless it's profitable for average Joe Shit the Ragman to rent a time slot or subset of cluster components.
Then there is the potential for security breaches if the cluster is networked to the rest of the world.
I know people who bought in Bitcoin early and kept them through the original crash, now they have made huge profits. I choose not to engage in any cryptos because I consider it a form of speculation (or, more informally, "economic voodoo"), and as a rule I don't gamble more than 20 dollars in one session. Besides, booze is a much better vice because you know you're going to get your money's worth of intoxication.
(Score: 0, Informative) by Anonymous Coward on Sunday February 11 2018, @01:01AM (3 children)
Got tired of AC trolling huh?
(Score: 2, Troll) by Ethanol-fueled on Sunday February 11 2018, @01:23AM (1 child)
Soylentnews has disallowed me from AC trolling. When I post under AC I get the "excessive bad posting" warning. Besides, if you think an AC troll is me, compare the writing styles.
If you're too stupid to understand spoken style, I suggest you head to the comment section of ArsTechnica. They say all the things you like, and none of what you don't.
Niggers.
Sorry, I have a disability, Tourette's syndrome. It causes me to say "niggers," including bold tags, at inopportune moments.
(Score: 3, Funny) by Ethanol-fueled on Sunday February 11 2018, @01:49AM
Modded down for a disability. Perhaps I should move to India, where my third-but-useless arm would classify me as a demigod. I'm surrounded by bigots.
(Score: 0) by Anonymous Coward on Sunday February 11 2018, @01:48AM
Said the AC troll...
(Score: 3, Informative) by turgid on Saturday February 10 2018, @11:10PM (2 children)
Dude, a $200 Nvidia graphics card has more computing power than your SGI/MIPS/Irix cluster from 1997.
I refuse to engage in a battle of wits with an unarmed opponent [wikipedia.org].
(Score: 1) by Ethanol-fueled on Saturday February 10 2018, @11:50PM (1 child)
Yeah, but what about a cluster from 2005? But you're right, it is pretty hilarious how underpowered those old machines are by today's standards.
By the way, I loved the hardware simplicity of the tower models like Octanes and O2s but fucking hated the Indys. Disassembling Indys was a huge unnecessarily difficult bitch considering the pizza box configuration. Now I know how Volvo and Audi mechanics feel.
(Score: 2) by turgid on Sunday February 11 2018, @12:06PM
Xeon or itanic?
I refuse to engage in a battle of wits with an unarmed opponent [wikipedia.org].
(Score: 4, Informative) by khallow on Saturday February 10 2018, @11:56PM (2 children)
Probably almost none. The thing about Bitcoin mining is that while speed matters, cost per computation is more important. ASIC (Application-specific integrated circuit) miners are far more efficient at mining cryptocurrency in terms of both the initial hardware cost and the number of hashes per unit of electricity consumed than supercomputers. Cryptomining is an embarrassingly parallel problem where just having a large stack of capable computers is good enough and the operations are purely bit manipulation. The capabilities of supercomputers would be wasted on this problem.
Where I think one would use supercomputers or any other collection of computing power is if they already have the hardware and aren't paying extra for electricity consumed. If the machine will run and burn electricity anyway, whether you do something on the machine or not, you might as well be mining bitcoins during downtime. And if a system admin can illegally sneak bitcoin mining on the system, then they sure won't be the ones paying for the electricity.
For me, the most interesting part of this story is the security aspect. This is the highest security system that I've heard of being compromised in this way. But with the current high price of Bitcoin and other cryptocurrency variants, it's likely to become a persistent problem and become yet another danger to worry about. For the enterprising computer cracker, it's a vulnerability to look for. Actually creating a compromised client would be the most sophisticated sort of attack, but one could also just listen in on a downwind network for bitcoin traffic. For systems hooked directly to the internet, you could find access to them in this way (and maybe get some idea of the amount of computation power available to those systems).
(Score: 0) by Anonymous Coward on Sunday February 11 2018, @12:16AM (1 child)
One of the top folding@home members for awhile was a large compute cluster from their employer. "For burn in" for 6 months.
In this case there is money involved. Of course people are doing this. People will cheat for what amounts to basically internet points.
(Score: 2) by frojack on Sunday February 11 2018, @01:15AM
Was the system sitting idle for long periods of time?
How long would they have gotten away with this were it not for this:
Every super computer I've read about is booked solid for years on end. I can see a single purpose machine not connected to the net might run out of work from time to time.
No, you are mistaken. I've always had this sig.
(Score: 3, Interesting) by looorg on Sunday February 11 2018, @09:20AM
The thought has probably crossed a few peoples mind, including my own. I used to manage a lab for a university with a fair amount of computers standing around. Not supercomputers but normal computers, we could have clustered them if we wanted to. Most of the day the computers did nothing but just stand there, students came and used them during the day for their needs but it was mostly just word-processing, surfing, emails, running various software for statistics etc. The computers never really got shutdown so they stood there all night long doing nothing, mostly so they could get patched and updated during the night. The idea was toyed with among administrators that we would, should or could use all the computers (several thousands of them) the university had between 2200 and 0600 at full speed and running in the background at low speed during the other hours of the day. Turns out that power consumption would have gone thru the roof so someone would have noticed, heat production would have forced heating fans (not only in the computers but in the building) to work at full capacity all night to so more electricity consumed, not to mention since the students did have access 24-7 someone would have noticed and cried about it eventually -- even thou the facilities department and the accountants would have found out way before that. It just wasn't really feasible. Also bitcoins wasn't worth much back then so to much of it would have gone into bribes for other staff to hide the fact that we would have been misappropriating university equipment. But it was fun as an idea if nothing else.
So if it crossed mine and the coworkers mind then the same thought has probably crossed the mind of everybody that is in a similar situation. It might not have been worth it financially at the time, but if we had just waited about 15 years or so those bitcoins would have been totally sweeeeet.
(Score: 1, Informative) by Anonymous Coward on Saturday February 10 2018, @10:46PM (3 children)
...the cryptocurrency or cryptocurrencies the scientists were trying to mine, nor whether any mining was successful."
This one does https://www.theguardian.com/world/2018/feb/10/russians-arrested-for-mining-bitcoin-at-nuclear-facility [theguardian.com]
Apparently it was bitcoin and no, they did not succeed.
(Score: 2) by requerdanos on Saturday February 10 2018, @11:00PM (2 children)
It says "Bitcoin" in the headline, but that's not substantiated in the body of the Guardian article, which adds a little background but no additional details over this International Business Times story nor the original Russian-language Interfax.Ru [interfax.ru] story on which it was based.
If they found out what currency, I'd like to know how.
And while we are on that note, if you have supercomputers dedicated to a major national nuclear weapons program running a mining program and you do not get any coin mined, you must of a certainty be doing something wrong.
(Score: 2) by tibman on Saturday February 10 2018, @11:51PM
https://cnnmoneytech.tumblr.com/post/51098009327/a-fun-bitcoin-statistic?iid=EL [tumblr.com]
I'm going to guess the bitcoin network has scaled even higher than supercomputers have scaled in the last five years.
SN won't survive on lurkers alone. Write comments.
(Score: 0) by Anonymous Coward on Sunday February 11 2018, @02:40AM
Probably what they did wrong was get caught before they got seriously cranking.
(Score: 3, Funny) by turgid on Saturday February 10 2018, @11:13PM
On the positive side, while they were trying to mine the bitcoin, they weren't doing any nuclear weapons research, and connecting to the Internet they probably let us get a look at their technology for a change. And the Chinese. A great bunch of lads.
I refuse to engage in a battle of wits with an unarmed opponent [wikipedia.org].
(Score: 1, Insightful) by Anonymous Coward on Sunday February 11 2018, @04:40AM
Never would use someone else's resources to do lame shit like buttcoin for my own benefit, but when I bought a two rack cluster, I had it run over a holiday weekend doing SETI@home (or folding, don't remember).
It was by far the biggest contributor that weekend. The extra electrical load was also quite visible.