Iowa State University Hit by Bitcoin Mining Malware

The University suffered a massive security breach which compromised student personal data and attempted to mine bitcoins.

AccessTimeIconApr 23, 2014 at 10:29 a.m. UTC
Updated Sep 3, 2021 at 11:55 a.m. UTC

Presented By Icon

Election 2024 coverage presented by

Stand with crypto

The Iowa State University has suffered a massive security breach which compromised the security of student data and attempted to mine bitcoin.

The University says the compromised servers contained social security numbers of 29,780 students enrolled between 1995 and 2012.

  • Bitcoin Mining in the U.S. Will Become 'a Lot More Decentralized': Core Scientific CEO
    13:18
    Bitcoin Mining in the U.S. Will Become 'a Lot More Decentralized': Core Scientific CEO
  • Binance to Discontinue Its Nigerian Naira Services After Government Scrutiny
    05:10
    Binance to Discontinue Its Nigerian Naira Services After Government Scrutiny
  • The first video of the year 2024
    04:07
    The first video of the year 2024
  • The last regression video of the year 3.67.0
    40:07
    The last regression video of the year 3.67.0
  • However, there is no indication that any of the files were accessed. No financial information was stored in the student records and further investigation led the university to conclude that personal information was not the target.

    “The servers were hacked by an unknown person or persons seeking to generate enough computing power to create a type of digital money known as bitcoins,” the university said in a statement.

    No threat to students

    Although university officials do not believe personal information was the intended target, they are urging students and former students to monitor their financial reports, just in case.

    The university has reached out to students whose personal information was compromised by the breach; law enforcement was notified of the breach as soon as it was discovered.

    Iowa State is also advising caution, as some of the data could be used to stage further attacks, including phishing scams. The compromised servers have been taken offline and destroyed, while other servers of the same type have been taken off the internet as a precaution.

    Bitcoin botnets remain a concern

    Although many bitcoin miners have dumped x86 platforms with powerful GPUs in favour of bitcoin mining ASICs, hackers are still trying to turn networks into mining zombies. However, this effort does not generate as much money as it used to, as Bitcoin's difficulty has gone up dramatically over the past year.

    As a result, bitcoin mining botnets are about to become a footnote in cryptocurrency mining history.

    Security firms warn that mining botnets and other bitcoin-related security threats are on the rise, but botnets make a lot more sense if they are used for certain types of ASIC-proof altcoins with a limited market.

    However, since hackers who operate bitcoin botnets don’t have to pay the electric bill or the hardware involved in the process, they are still going after regular PCs and servers.

    Iowa State has not disclosed any details on the actual amount of bitcoins mined by the attackers. Since it appears that only a handful of servers were affected, it is highly unlikely that they generated many coins.

    This was not always the case. Last year German police arrested a couple of botnet miners suspected of mining €700,000 worth of bitcoin.

    Image credit: Iowa State University

    Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.


    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.