A Canadian university took the drastic measure of shutting down its entire network after some of its computers were infected with cryptocurrency miner that overworked their processors.
St. Francis Xavier (StFX) University in Nova Scotia on Sunday revealed it was victim to a cryptocurrency mining attack that was so severe the university decided a campus-wide network outage was the best option for recovery.
In a statement, the university said its IT department “purposely disabled all network systems” after consulting external security experts.
The decision resulted in a four day outage beginning Thursday last week in response to what it said was an “automated attack on our systems known as ‘crytpocoin mining.’”
While no personal information was exposed in the attack, the university confirmed the malware “attempted to utilize StFX’s collective computing power in order to create or discover bitcoin for monetary gain.”
On Sunday systems were being revived in a “staggered approach”. Systems downed during the response include the university’s wi-fi network, its ‘Moodle’ online learning system, and payment systems.
It’s likely the term “bitcoin” was a generic reference to cryptocurrencies given that most criminals use software in this context to generate currencies that are less computationally intensive to mine, such as Monero, Lotecoin, Dogecoin, or any of the dozens other cryptocurrencies in Bitcoin’s shadow.
Criminals started using others’ CPUs for mining en masse last year as file-encrypting ransomware attacks leveled off.
Ransomware operators promised victims access to their encrypted files in exchange for payment predominantly in Bitcoin, likely because Bitcoin is the most widely accepted cryptocurrency for payments, despite being difficult to mine.
Instead of demanding payment in Bitcoin, attackers simply infected PCs with coin miners or used CoinHive-based browser malware to harvest CPU capacity and generate income without bearing any costs.
But for victims, it can mean their machine’s CPU is consumed until the machine burns out. Malicious miners have been deployed against consumer devices, often using browser malware, while enterprise hardware has been coopted into mining currency via un-patched vulnerabilities in enterprise server software.