On December 27, hackers exploited a vulnerability in the popular Log4j library to gain control over AMD EPYC-based servers. They used the Hewlett Packard (HP) servers to mine Raptoreum, a little-known cryptocurrency, as reported by Tom’s Hardware.
The Raptoreum developers first noted abnormal hash rate growth on their network on December 9. The number of devices mining the coin grew at an alarming pace, and the network’s total computing power doubled on the day of the hack, rising steeply from 200 MH/s to 400 MH/s.
After some analysis, the Raptoreum team discovered that the attackers had compromised HP’s AMD-based 9000 EPYC servers, turning the powerful hardware into crypto miners.
The hackers managed to acquire around 3.4 million Raptoreum tokens, worth at least $80,000 at the time of publication. They sold nearly 1.5 million of the tokens on the CoinEx cryptocurrency exchange. The rest of the tokens are still held in the wallet. Tom’s Hardware wrote:
“Log4J is a Java vulnerability recently outed as part of the famous Apache suite and merited the highest-possible threat classification (10) under the ‘CVSS 3.0’ guidelines. This is because the exploit doesn’t require physical access and allows for escalation of privileges to trick the system into connecting to, downloading, and running malware from a hacker-controlled server.”
Hackers are exploiting the Log4j vulnerability to install concealed miners and other malware on systems. The bug seems to be the most serious one found in recent years.