Cryptominers Found in Azure Kubernetes Containers
Images from a public repository contained cryptominers that Microsoft researchers found in Kubeflow instances running on Azure.
A new criminal campaign is targeting Kubernetes clusters on Microsoft Azure to turn misconfigured Kubeflow workloads into cryptominers.
Kubeflow is an open source project that started as a toolkit for learning TensorFlow in Kubernetes and has since become a common framework for running machine learning applications in containers. Microsoft researchers found a suspicious image from a public repository being deployed on Azure Kubernetes clusters. The image resulted in a cryptominer named XMRig being run in the containers.
Because of Kubeflow's nature, it provides an excellent backdoor for attackers looking to gain access to Kubernetes containers within a cluster. The researchers recommend all Kubernetes cluster owners to check that any Kubeflow dashboards are not exposed to the Internet and that a container named "ddsfdfsaadfs" is not running within their clusters. More broadly, owners should only run trusted images and should monitor containers based on them for activity.
Read more here.
Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really bad day" in cybersecurity. Click for more information and to register.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024