Skip to main content

Kubernetes Clusters Used to Mine Monero by Attackers

kubernetes

Attackers are abusing an attack vector present in one of the most popular execution engines (Argo Workflows) to repurpose Kubernetes systems to mine cryptocurrencies. The attack exploits a vulnerability in the system of permissions of Argo Workflows machines connected to the internet, deploying malicious workflows that install Monero-based containers.

Attackers Leveraging Argo Workflows for Crypto Mining

A group of attackers discovered a new attack vector that uses a vulnerability in the permission system of Argo Workflows, one of the most used execution engines for Kubernetes, to install cryptocurrency mining modules in machines connected to the internet. This vulnerability means that every instance of Kubernetes, one of the most used cloud computing systems, could be used to mine Monero if it is paired with Argo Workflows.

A report from Intezer, a cybersecurity firm, informs they have already identified infected nodes and others vulnerable to this attack. The unprotected nodes allow any user to ping them and insert their own workflows into the system. This means anyone can use the resources in a vulnerable system and direct them to any task.

Luckily for attackers, there are several Monero-based cryptocurrency mining containers that can be leveraged easily to start mining Monero using these Kubernetes machines. Most of them are derived from kannix/monero-miner, but there are more than 45 other containers available to use. This is why security experts are anticipating large-scale attacks involving this vulnerability.

Cloud Computing Vulnerability

This is just one of the recent attack vectors compromising cloud computing platforms and being used to enable cryptocurrency mining. Just last month, Microsoft informed of a similar attack that also targeted Kubernetes clusters with Kubeflow machine learning (ML) instances. Attackers use the vulnerable nodes to mine monero and also ethereum using Ethminer.

Attacks to this kind of platform started gaining traction back in April 2020, when Microsoft reported an instance that caused tens of thousands of infections in just two hours. These attacks have also prompted companies to switch their policies to avoid abuse. This is the case of Docker, which had to put limits to the free tier of its product because attackers were using its autobuild function to deploy cryptocurrency miners in its free servers.

What do you think about these attacks targeting Kubernetes nodes? Tell us in the comments section below.



from Bitcoin News https://ift.tt/2WkF8KO
Labels:

Comments

Post a Comment

Popular posts from this blog

Deep Web Roundup: Dream Adds Monero and Bitcoin Tumbler “Chip Mixer” Launches

The darknet has been quiet of late, which is the way it’s meant to be. No news means no mega busts, honeypots, or mass market shutdowns. Even when it’s out of the spotlight though, the deep web is quietly making news, whether trialling the latest privacy coins or the newest coin mixers that promise to restore a little of the privacy that’s being stripped away from bitcoin users on a daily basis. Also read: U.S. Agency ICE Conducts Investigations That Exploit Blockchain Activity The Battle for Privacy Heats Up Privacy is all relative, but of late there’s been relatively little privacy to be enjoyed by bitcoin users. Blockchain monitoring software is becoming more sophisticated and more common, with U.S. law enforcement agencies using it to profile and hunt down deep web users. Chip Mixer is a relatively new bitcoin tumbler that’s designed to restore some of that privacy. Available on both the clearnet and darknet, the service uses a variety of techniques to obfuscate blockchain m
10 comments
Read more

International Crypto Exchange Luno Adds Bitcoin Cash Trading

Luno exchange has added bitcoin cash trading to the platform following feedback from its client base. BCH is now only the third cryptocurrency available for trading on the exchange, in addition to BTC and ETH , but more options could be on the way once Luno determines that they are credible enough. Also Read: Bitflyer Adds Bitcoin Cash Trading Across Europe and the US Luno Adds Bitcoin Cash Trading Luno, the London-headquartered company formerly known as Bitx, recently announced that bitcoin cash was made available on its cryptocurrency exchange. Starting from Monday, September 23, customers at Luno are now able to store, buy and sell BCH on the platform. The reason given for adding BCH to the exchange is feedback from users in developing markets that convinced Luno to expand their offering from previously just BTC and ETH . Marcus Swanepoel, CEO of Luno, said , “We are in a new and exciting financial era. Developing economies are leading the large-scale adoption and appli
Post a Comment
Read more

Ombudsman Receives Complaints About Crypto Investments in Spain

The Spanish ombudsman has been receiving complaints about cryptocurrency and how some Spanish citizens investing in these vehicles have lost everything. In his annual report, Angel Gabilondo recognized the rise of cryptocurrencies as a new problem due to the little or no regulation crypto sees in the country. In the same way, the EU has also warned about these assets recently. Spanish Ombudsman Gives His Take on Crypto Angel Gabilondo, the Spanish ombudsman, has given his take regarding cryptocurrencies and the effects they have on citizens investing in some of these projects. Gabilondo said in his yearly report that cryptocurrencies have become “a new problem” during the year examined, with many people having lost all of their funds invested. The report states : Cryptocurrency exchange companies or platforms are not regulated in the legal system, are not subject to any public supervision system, nor do they benefit from deposit guarantee systems. The affected users that sought
Post a Comment
Read more