●Stories
●Firehose
●All
●Popular
●Polls
●Software
●Thought Leadership
Submit
●
Login
●or
●
Sign up
●Topics:
●Devices
●Build
●Entertainment
●Technology
●Open Source
●Science
●YRO
●Follow us:
●RSS
●Facebook
●LinkedIn
●Twitter
●
Youtube
●
Mastodon
●Bluesky
Catch up on stories from the past week (and beyond) at the Slashdot story archive
Forgot your password?
Close
wnewsdaystalestupid
sightfulinterestingmaybe
cflamebaittrollredundantoverrated
vefunnyunderrated
podupeerror
×
150304973
story
Posted
by
BeauHD
t 13, 2021 @04:25PM
from the prioritized-performance dept.
Uptycs Threat Research Team has discovered malware that not only hijacks vulnerable *nix-based servers and uses them to mine cryptocurrency but actually modifies their CPU configurations in a bid to increase mining performance at the cost of performance in other applications. Tom's Hardware reports: Perpetrators use a Golang-based worm to exploit known vulnerabilities like CVE-2020-14882 (Oracle WebLogic) and CVE-2017-11610 (Supervisord) to gain access to Linux systems, reports The Record. Once they hijack a machine, they use model-specific registers (MSR) to disable the hardware prefetcher, a unit that fetches data and instructions from the memory into the L2 cache before they are needed.
Prefetching has been used for years and can boost performance in various tasks. However, disabling it can increase mining performance in XMRig, the mining software the perpetrators use, by 15%. But disabling the hardware prefetcher lowers performance in legitimate applications. In turn, server operators either have to buy additional machines to meet their performance requirements or increase power limits for existing hardware. In either case, they increase power consumption and spend additional money. The botnet has been reportedly used since at least December 2020 and targeted vulnerabilities in MySQL, Tomcat, Oracle WebLogic, and Jenkins.
You may like to read:
Samsung's Leader Is Out of Jail, Allowing US Factory Plans To Move Forward
Reddit Is Quietly Rolling Out a TikTok-Like Video Feed Button On iOS
This discussion has been archived.
No new comments can be posted.
Load All Comments
Full
Abbreviated
Hidden
/Sea
Score:
5
4
3
2
1
0
-1
More
Login
Forgot your password?
Close
Close
Log In/Create an Account
●
All
●
Insightful
●
Informative
●
Interesting
●
Funny
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
byAnonymous Coward writes:
Crypto's primary purpose is crime.
byAnonymous Coward writes:
The first function of the USD is racketeering: https://wtfhappenedin1971.com/ [wtfhappenedin1971.com]
byAnonymous Coward writes:
On Monday April 26, 2021 @02:16AM UTC, Pyrite Pete [urbandictionary.com] had said:
Wait 1-2 months, and BTC will be twice its value. [slashdot.org]
That was back when bitcoin had already fallen, and down to about $47K at the time. It should've been back up to "twice its value" no later than June 26 2021 - nearly two months ago. It is now sitting at only about $47K.
Now that's what I call a prediction #FAIL!
●urrent threshold.
●rrent threshold.
●ent threshold.
●nt threshold.
byAnonymous Coward writes:
You could say the same about precious metal, gemstones and fiat money. And it has been that way for thousands of years.
●nt threshold.
● threshold.
●t threshold.
byRockDoctor ( 15477 ) writes:
So, surreptitious crypto-miner software writers have enough incentive to perform some fairly sophisticated software performance analysis.
Or, have they ripped off some code from an OS miner which does this with the permission and instruction of the system's administrator? Without, of course, citing their sources or giving credit where credit is due.
I don't have a problem with explicit mining software - if someone figures they can make a profit off it, that's a big fat SHRUG from me. Mining malware, on the
byAATheorist ( 8044698 ) writes:
Why anyone would wish their money to be easier to steal is beyond me.
The cult of crypto will blather on with their debate about.... nothing at all really.
twitter
facebook
byZ80a ( 971949 ) writes:
Getting money with crypto is "automatic".
Run program, get money.
You don't depend on having a healthy market to get a job or having to actually work or..
●threshold.
byAnonymous Coward writes:
But disabling the hardware prefetcher lowers performance in legitimate applications.
So your server's been pwned, and your main concern is "potentially reduced performance"... ooookay.
In turn, server operators either have to buy additional machines to meet their performance requirements or increase power limits for existing hardware.
... or... you know... NUKE THE COMPROMISED BOX. YOU GODDAMN FUCKING MORONS.
byDeanonymizedCoward ( 7230266 ) writes:
In turn, server operators either have to buy additional machines to meet their performance requirements or increase power limits for existing hardware.
... or... you know... NUKE THE COMPROMISED BOX. YOU GODDAMN FUCKING MORONS.
Hey now, that's commie talk! In America, the custom is not to fix a problem, but to paper over it with $100 bills until no one can see it anymore.
bycoolsnowmen ( 695297 ) writes:
Exactly, came here to say this
bythegarbz ( 1787294 ) writes:
I suspect server operators would need to buy additional machines because their CPU cores are pegged at 100% mining crypto, not because the hardware prefetcher is disabled and causing applications to have a minor performance drop.
twitter
facebook
●threshold.
There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.
●
390 commentsUS To Halt Offensive Cyber Operations Against Russia
●
272 comments'I Won't Connect My Dishwasher To Your Stupid Cloud'
●
243 comments'USB-A Isn't Going Anywhere, So Stop Removing the Port'
●
235 commentsShould We Sing the Praises of Agile, or Bury It?
●
209 commentsNew Book Argues Hybrid Schedules 'Don't Work', Return-to-Office Brings Motivation and Learning
Reddit Is Quietly Rolling Out a TikTok-Like Video Feed Button On iOS
Samsung's Leader Is Out of Jail, Allowing US Factory Plans To Move Forward
Slashdot Top Deals
Slashdot
●
●
ofloaded
●
Submit Story
It is much harder to find a job than to keep one.
●FAQ
●Story Archive
●Hall of Fame
●Advertising
●Terms
●Privacy Statement
●About
●Feedback
●Mobile View
●Blog
Do Not Sell or Share My Personal Information
Copyright © 2026 Slashdot Media. All Rights Reserved.
×
Close
Working...
Reddit Is Quietly Rolling Out a TikTok-Like Video Feed Button On iOS
12comments
Samsung's Leader Is Out of Jail, Allowing US Factory Plans To Move Forward
14comments
Do Not Sell or Share My Personal Information
Copyright © 2026 Slashdot Media. All Rights Reserved.
×
Close
Working...