Australian mined cryptocurrency on CSIRO supercomputer

A Sydney resident was sentenced to 15 months in prison and 300 hours of community service after secretly using the facilities of the Australian State Alliance for Scientific and Applied Research (CSIRO). On the state supercomputer CSIRO, the Australian simply was mining cryptocurrency.

In 2018, an undisclosed man was hired as an IT contractor, and as a result, he gained access to the institution’s servers and supercomputers, designed for various scientific research. The attacker conscientiously fulfilled his duties to support software and archive data, but at the same time decided to earn extra money and began to mine cryptocurrency.

In total, local law enforcements estimate that the unscrupulous contractor managed to mine A$9,400 worth of cryptocurrency (about $6,750).

The Australian Federal Police launched an investigation after CSIRO officers discovered a “serious infrastructure violation” and immediately notified the authorities.

AFP Commander Cybercrime Operations Chris Goldsmid said this investigation uncovered a serious misuse of taxpayer funded resources.

“The AFP commends the prompt actions of CSIRO in identifying this criminal conduct and swiftly reporting it for investigation”, — Cmdr. Goldsmid said.

In March 2018, police raided suspect’s home and eventually seized a laptop and mobile phone.

In May 2019, the man was charged with manipulating the computer programs of a federal government agency in order to mine cryptocurrency. He pleaded guilty in February 2020, and was sentenced last week to 15 months in prison, as well as 300 hours of community service.

“Investigations estimated that the financial damage to CSIRO supercomputers was at least A $76,000. This man’s activities redirected the resources of a supercomputer that was doing important scientific research for the country, including Pulsar Data Array Analysis, medical research, and climate modeling work to measure the impact of climate change on the environment. The consequences are clear – out of greed, CSIRO contractor abused the trust of Australian taxpayers for personal gain”, — AFP said in a statement.

Recall that we talked about the fact that MrbMiner malware infected thousands of servers with MSSQL, and that cybercriminals mined Monero cryptocurrency and have never been detained. However, cybersecurity experts report that the number of crypto-jacking attacks decreased by 99%.