Bitcoin (BTC) Mining Malware Sends Canadian University Network in Lockdown
St. Francis Xavier University in Canada shut down its entire system for more than three days last week because of a crypto jacking attack. Some of the services have been partially restored.
Canada’s St. Francis Xavier University of Nova Scotia (StFX) temporarily disabled its whole network due to a crypto jacking attack, an official statement from Sunday revealed. The crypto malware targeted StFX’s computer power and electricity to mine Bitcoin (BTC).
The university became aware of the attack on Thursday and immediately took its network offline, including its Wi-Fi connection, online learning management system Moodle, data center bridging (DCB) for the external network, debit transaction tool, information system mesAmis, and student self-service system Banner.
“The malicious software attempted to utilize StFX’s collective computing power in order to create or discover bitcoin for monetary gain. At this time, there is no evidence that any personal information within our network was breached, however, ITS [IT specialists] will continue to analyze and monitor for suspicious activity in the days and weeks ahead,” the institution said in its statement.
The total lockdown continued for nearly four days, with some of the services brought back late into the weekend. The Wi-Fi connection, Moodle, and DCB are now available, while mesAmis and Banner remained offline as at Wednesday morning UTC. All students should reset their passwords to access anew StFX’s services, and the university recommends that its fellows use external connections or the university’s contact center as a precautionary measure.
Mining, or the creation of new virtual coins, is an activity in which graphics processing units (GPUs) or central processing units (CPUs) perform complex mathematic equations to generate the new tokens virtually. The process requires a lot of electricity and powerful computer systems, which has led to the birth of crypto jacking: a malware attack that involves the hacking of browsers to mine cryptocurrencies. It is different from crypto ransomware attacks, where hackers infect devices and want payment in cryptocurrencies or steal virtual currency-related data.