informa
Quick Hits

Cryptominers Found in Azure Kubernetes Containers

Images from a public repository contained cryptominers that Microsoft researchers found in Kubeflow instances running on Azure.

A new criminal campaign is targeting Kubernetes clusters on Microsoft Azure to turn misconfigured Kubeflow workloads into cryptominers. 

Kubeflow is an open source project that started as a toolkit for learning TensorFlow in Kubernetes and has since become a common framework for running machine learning applications in containers. Microsoft researchers found a suspicious image from a public repository being deployed on Azure Kubernetes clusters. The image resulted in a cryptominer named XMRig being run in the containers.

Because of Kubeflow's nature, it provides an excellent backdoor for attackers looking to gain access to Kubernetes containers within a cluster. The researchers recommend all Kubernetes cluster owners to check that any Kubeflow dashboards are not exposed to the Internet and that a container named "ddsfdfsaadfs" is not running within their clusters. More broadly, owners should only run trusted images and should monitor containers based on them for activity.

Read more here.

VIRTUALSUMMIT_DR20_320x50.jpg
 
 
 
 
 
 
Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really bad day" in cybersecurity. Click for more information and to register

Recommended Reading: