Skip to main content

Google Alerts Users About Malicious Actors Using Cloud for Cryptocurrency Mining

google cloud

Google has warned users about the use of its Google Cloud platform by malicious actors to mine cryptocurrencies. In its latest Cloud Threat Intelligence report titled “Threat Horizons,” which provides users with security insights, the company informed that 86% of the compromised instances on Google Cloud platforms were being used to mine cryptocurrencies. Most of the accounts compromised were secured with weak passwords or with no password at all.

Google Cloud Used to Mine Cryptocurrencies

Software giant Google is alerting users about malicious actors using compromised Google Cloud accounts for mining cryptocurrency. Google Cloud accounts have access to processing power that can be easily redirected to perform malicious tasks. According to the first “Threat Horizons” report, issued by Google to raise awareness about the security weaknesses in its platform, 86% of the compromised accounts are used for this purpose.

The report states that cryptocurrency mining in the cloud causes high usage of CPU and/or GPU power. It also makes reference to the mining of alternative cryptocurrencies like Chia, which use storage space as a mining resource.

Causes and Mitigation

The first cause of the compromise of the examined Google Cloud instances was poor security due to different issues. One of these issues was a weak or inexistent password to access the platform, or a lack of API validation in the instance. With no basic security measures applied, a malicious actor can easily take hold of these platforms. Other cloud platforms are also facing similar problems.

Most of the studied instances downloaded the cryptocurrency mining software in less than 22 seconds after being compromised. This shows that there are systematic attacks of these unsecured instances, with the sole intention being to use them for this purpose. Also, the malicious actors seem to be tracking these unsecured Google Instances actively, given that 40% of the unsecured instances were compromised within eight hours of being deployed. Google stated:

This suggests that the public IP address space is routinely scanned for vulnerable Cloud instances. It will not be a matter of if a vulnerable Cloud instance is detected, but rather when.

To mitigate these risks, the report recommends users follow basic best security practices and implement container analysis and web scanning, tools that will probe the system for security weaknesses using different techniques like crawling.

What do you think about the use of Google Instances to mine cryptocurrency by malicious actors? Tell us in the comments section below.



from Bitcoin News https://ift.tt/3roQwCK
Labels:

Comments

Post a Comment

Popular posts from this blog

Deep Web Roundup: Dream Adds Monero and Bitcoin Tumbler “Chip Mixer” Launches

The darknet has been quiet of late, which is the way it’s meant to be. No news means no mega busts, honeypots, or mass market shutdowns. Even when it’s out of the spotlight though, the deep web is quietly making news, whether trialling the latest privacy coins or the newest coin mixers that promise to restore a little of the privacy that’s being stripped away from bitcoin users on a daily basis. Also read: U.S. Agency ICE Conducts Investigations That Exploit Blockchain Activity The Battle for Privacy Heats Up Privacy is all relative, but of late there’s been relatively little privacy to be enjoyed by bitcoin users. Blockchain monitoring software is becoming more sophisticated and more common, with U.S. law enforcement agencies using it to profile and hunt down deep web users. Chip Mixer is a relatively new bitcoin tumbler that’s designed to restore some of that privacy. Available on both the clearnet and darknet, the service uses a variety of techniques to obfuscate blockchain m...
10 comments
Read more

Ombudsman Receives Complaints About Crypto Investments in Spain

The Spanish ombudsman has been receiving complaints about cryptocurrency and how some Spanish citizens investing in these vehicles have lost everything. In his annual report, Angel Gabilondo recognized the rise of cryptocurrencies as a new problem due to the little or no regulation crypto sees in the country. In the same way, the EU has also warned about these assets recently. Spanish Ombudsman Gives His Take on Crypto Angel Gabilondo, the Spanish ombudsman, has given his take regarding cryptocurrencies and the effects they have on citizens investing in some of these projects. Gabilondo said in his yearly report that cryptocurrencies have become “a new problem” during the year examined, with many people having lost all of their funds invested. The report states : Cryptocurrency exchange companies or platforms are not regulated in the legal system, are not subject to any public supervision system, nor do they benefit from deposit guarantee systems. The affected users that sought...
Post a Comment
Read more

2021 Bitcoin Price Predictions: Analysts Forecast BTC Values Will Range Between Zero to $600K

As bitcoin has touched new price highs on Thursday nearing the $50k handle, people have been curious as to where the price will go in the future. Meanwhile, despite the gains so far, a number of luminaries, analysts, executives, and proponents from the crypto space believe the leading crypto asset will reach between $60k to six-digits this year. Mike Novogratz Predicts $100K Bitcoin: ‘Other CFOs and CEOs Are Saying, What Should We Be Doing?’ Satoshi Nakamoto’s invention has gained mass appeal in recent times as the leading digital asset bitcoin ( BTC ) has reached its highest value ever in 2021. On Thursday morning (EST), BTC spiked to an all-time high (ATH) at $48,697 per unit. Earlier in the morning at around 2 a.m., bitcoin was exchanging hands for $44,485 and saw an 8.98% increase since then. At the time of publication, at 6:30 p.m. (EST) on February 11, 2021, bitcoin (BTC) is swapping for $47,821 per coin. With BTC so close to the $50k mark, people have been forecasting ...
Post a Comment
Read more