It didn’t take long for hackers to weaponize a critical Java vulnerability for profit. Using the Log4J exploit, an unidentified actor managed to wrest control of HP’s AMD-based 9000 EPYC servers, turning the powerful hardware into cryptocurrency miners. The feat doubled the hash rate of the CPU-based cryptocurrency Raptoreum (RTM) from 200 MH/s to 400 MH/s before most of the exploited machines were brought offline.
Log4J is a Java vulnerability recently disclosed in the famous Apache suite, and it merited the highest-possible threat classification (10) under the “CVSS 3.0” guidelines. This is because the exploit doesn’t require physical access and allows for escalation of privileges to trick the system into connecting to, downloading, and running malware from a hacker-controlled server. Several software providers have patched the vulnerability, but that wasn’t the case for HP’s EPYC 9000 machines.
HP’s EPYC server seems to have been targeted for one reason only: to mine Raptoreum (RTM), a CPU-based cryptocurrency based on a Proof-of-Work (PoW) model that…