Dear Cloud user, you may have heard of the security incident that has affected many HPC cluster in Germany and across Europe. * A backdoor was placed on the affected systems, which can be used to extend the permissions for a “normal user“. We do not have heard of affected cloud sites, but since the information situation is unclear we can’t exclude it. The infrastructure of the de.NBI cloud site Bielefeld was checked last Thursday and is not affected by this incident. However it make absolute sense to check your instances (especially the ones with public access) for the availability of two files : /etc/fonts/.fonts /etc/fonts/.low If these files exists on your instance (or you are unsure), do not hesitate to contact us at os-service@cebitec.uni-bielefeld.de.

*Links for further informations: – https://www.heise.de/security/meldung/Mehrere-Hochleistungsrechenzentren-in-Europa-angegriffen-4721393.html – https://csirt.egi.eu/academic-data-centers-abused-for-crypto-currency-mining/

Jan Krüger, de.NBI cloud site Bielefeld

Kategorien: Bielefeld