Iowa State University Hit by Bitcoin Mining Malware

The University suffered a massive security breach which compromised student personal data and attempted to mine bitcoins.

AccessTimeIconApr 23, 2014 at 10:29 a.m. UTC
Updated Sep 11, 2021 at 10:42 a.m. UTC

The Iowa State University has suffered a massive security breach which compromised the security of student data and attempted to mine bitcoin.

The University says the compromised servers contained social security numbers of 29,780 students enrolled between 1995 and 2012.

However, there is no indication that any of the files were accessed. No financial information was stored in the student records and further investigation led the university to conclude that personal information was not the target.

“The servers were hacked by an unknown person or persons seeking to generate enough computing power to create a type of digital money known as bitcoins,” the university said in a statement.

No threat to students

Although university officials do not believe personal information was the intended target, they are urging students and former students to monitor their financial reports, just in case.

The university has reached out to students whose personal information was compromised by the breach; law enforcement was notified of the breach as soon as it was discovered.

Iowa State is also advising caution, as some of the data could be used to stage further attacks, including phishing scams. The compromised servers have been taken offline and destroyed, while other servers of the same type have been taken off the internet as a precaution.

Bitcoin botnets remain a concern

Although many bitcoin miners have dumped x86 platforms with powerful GPUs in favour of bitcoin mining ASICs, hackers are still trying to turn networks into mining zombies. However, this effort does not generate as much money as it used to, as Bitcoin's difficulty has gone up dramatically over the past year.

As a result, bitcoin mining botnets are about to become a footnote in cryptocurrency mining history.

Security firms warn that mining botnets and other bitcoin-related security threats are on the rise, but botnets make a lot more sense if they are used for certain types of ASIC-proof altcoins with a limited market.

However, since hackers who operate bitcoin botnets don’t have to pay the electric bill or the hardware involved in the process, they are still going after regular PCs and servers.

Iowa State has not disclosed any details on the actual amount of bitcoins mined by the attackers. Since it appears that only a handful of servers were affected, it is highly unlikely that they generated many coins.

This was not always the case. Last year German police arrested a couple of botnet miners suspected of mining €700,000 worth of bitcoin.

Image credit: Iowa State University

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Trending

1
CoinDesk - Unknown
Grayscale Sues SEC Over Bitcoin ETF Application Rejection

The SEC rejected Grayscale's application to convert its Grayscale Bitcoin Trust to an exchange-traded fund earlier Wednesday.

CoinDesk - Unknown
2
CoinDesk - Unknown
SEC Rejects Grayscale’s Spot Bitcoin ETF Application

Grayscale has said it was prepared for “all possible post-ruling scenarios."

CoinDesk - Unknown
3
CoinDesk - Unknown
Coinbase is Reportedly Selling Geo-Location Data to ICE

Watchdog group Tech Inquiry reported the new details about Coinbase’s three-year contract with the U.S. Department of Homeland Security.

CoinDesk - Unknown
4
CoinDesk - Unknown
Genesis Faces ‘Hundreds of Millions’ in Losses as 3AC Exposure Swamps Crypto Lenders: Sources

The DCG-owned trading colossus is said to have suffered nine-figure losses partly through exposure to Three Arrows Capital and Babel Finance.

CoinDesk - Unknown