HackDig : Dig high-quality web security articles for hackers

Cryptominers Found in Azure Kubernetes Containers

2020-06-12 19:58
Images from a public repository contained cryptominers that Microsoft researchers found in Kubeflow instances running on Azure.

A new criminal campaign is targeting Kubernetes clusters on Microsoft Azure to turn misconfigured Kubeflow workloads into cryptominers. 

Kubeflow is an open source project that started as a toolkit for learning TensorFlow in Kubernetes and has since become a common framework for running machine learning applications in containers. Microsoft researchers found a suspicious image from a public repository being deployed on Azure Kubernetes clusters. The image resulted in a cryptominer named XMRig being run in the containers.

Because of Kubeflow's nature, it provides an excellent backdoor for attackers looking to gain access to Kubernetes containers within a cluster. The researchers recommend all Kubernetes cluster owners to check that any Kubeflow dashboards are not exposed to the Internet and that a container named "ddsfdfsaadfs" is not running within their clusters. More broadly, owners should only run trusted images and should monitor containers based on them for activity.

Read more here.

 
 
 
 
 
 
Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really bad day" in cybersecurity. Click for more information and to register


Source: i-d/d/sreniatnoc-setenrebuk-eruza-ni-dnuof-srenimotpyrc/sehcaerb-skcatta/moc.gnidaerkrad.www

Read:396 | Comments:0 | Tags:No Tag

“Cryptominers Found in Azure Kubernetes Containers”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Tools