CoinMiner Campaigns Move to the Cloud via Docker, Kubernetes

Faybert

Level 24
Thread author
Verified
Top Poster
Well-known
Jan 8, 2017
1,320
After becoming a scourge inside browsers, on desktops, and on servers, cryptocurrency-mining malware is now invading the cloud, and it appears to be quite successful.

Several reports during the past month suggest malware authors are now actively looking to gain access to Docker and Kubernetes systems, two types of applications that are the basic building blocks of many of today's cloud computing services.

The role of these two tools is to help developers roll out containerized/virtualized apps or even entire server setups whenever a company's infrastructure needs more processing power to handle traffic spikes or extra computing tasks.
....
....
Attacks on cloud systems amped up with the new year
The first such attacks targeting Kubernets and Docker instances were detected at the start of the year by Sysdig researchers. Exposers observed attacks against honeypot servers where miscreants would take over a Kubernetes instance and attempt to deploy Docker containers inside which they tried to mine Monero.

Similar honeypot logs were later reported by experts from Aqua Security, who reported attacks against lone Docker instances, during which hackers also tried to mine Monero.
....
....
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top