Bitcoin News and Finance Kubernetes Clusters Used to Mine Monero by Attackers Skip to main content

Kubernetes Clusters Used to Mine Monero by Attackers

kubernetes

Attackers are abusing an attack vector present in one of the most popular execution engines (Argo Workflows) to repurpose Kubernetes systems to mine cryptocurrencies. The attack exploits a vulnerability in the system of permissions of Argo Workflows machines connected to the internet, deploying malicious workflows that install Monero-based containers.

Attackers Leveraging Argo Workflows for Crypto Mining

A group of attackers discovered a new attack vector that uses a vulnerability in the permission system of Argo Workflows, one of the most used execution engines for Kubernetes, to install cryptocurrency mining modules in machines connected to the internet. This vulnerability means that every instance of Kubernetes, one of the most used cloud computing systems, could be used to mine Monero if it is paired with Argo Workflows.

A report from Intezer, a cybersecurity firm, informs they have already identified infected nodes and others vulnerable to this attack. The unprotected nodes allow any user to ping them and insert their own workflows into the system. This means anyone can use the resources in a vulnerable system and direct them to any task.

Luckily for attackers, there are several Monero-based cryptocurrency mining containers that can be leveraged easily to start mining Monero using these Kubernetes machines. Most of them are derived from kannix/monero-miner, but there are more than 45 other containers available to use. This is why security experts are anticipating large-scale attacks involving this vulnerability.

Cloud Computing Vulnerability

This is just one of the recent attack vectors compromising cloud computing platforms and being used to enable cryptocurrency mining. Just last month, Microsoft informed of a similar attack that also targeted Kubernetes clusters with Kubeflow machine learning (ML) instances. Attackers use the vulnerable nodes to mine monero and also ethereum using Ethminer.

Attacks to this kind of platform started gaining traction back in April 2020, when Microsoft reported an instance that caused tens of thousands of infections in just two hours. These attacks have also prompted companies to switch their policies to avoid abuse. This is the case of Docker, which had to put limits to the free tier of its product because attackers were using its autobuild function to deploy cryptocurrency miners in its free servers.

What do you think about these attacks targeting Kubernetes nodes? Tell us in the comments section below.

Comments

Popular posts from this blog

Custodial Lightning Network Service Attack Discovered by LN ‘Newbie’ — Hacker Strikes 6 LN Custodians

On September 18, a Redditor posted to the r/bitcoin forum and explained how he discovered a way to “attack [the] lightning Network’s custodial services.” The Reddit account dubbed “Reckless Satoshi” wanted to figure out if a “discrepancy between real routing fees and service’s transaction fee can be exploited for a profit.” The researcher disclosed that he wanted to see how large the damage could be and said “it is bad.” 6 Lightning Network Custodial Services Attacked, Researcher Discloses Findings to Offenders Prior to Public Disclosure A Redditor called Reckless Satoshi published a disclosure post on r/bitcoin this past Saturday and disclosed how he had found a vulnerability with routing fees and some of the Lightning Network’s custodial services. The research attack was done in good faith and after it was complete he disclosed the bugs to the offending services before publishing his findings. Reckless Satoshi used the Lightning Network (LN) attack on six different services incl...

Axie Infinity Down 40% Since Last Week’s Price High, Protocol Revenue Outshines Competitors

Last week, the game token leveraged within the Axie Infinity gaming universe skyrocketed to all-time highs, while other crypto markets remained extremely lackluster. During the last seven days, Axie Infinity’s platform token has dropped significantly in value shedding more than 12%. Meanwhile, the game platform’s smooth love potion token has slid over 8% over the last 24 hours. Axie Infinity Down More Than 40% Since All-Time High Not too long ago, the axie infinity (AXS) token was a topical conversation because it reached an all-time high on July 15. At the time, AXS managed to capture $28.93 per unit and since then it has shed 12.8% during the last seven days. The axie infinity (AXS) token is used within the blockchain-based game that involves battles between token-based creatures called “Axies.” AXS is used for the game’s governance system as well as other actions within the game. At the time of writing axie infinity (AXS) is exchanging hands for $16.70 per coin. AXS/USD on Ju...

Play-to-Earn Game From Polker (PKR) Exchange Listing – Endorsed by Akon

The Play-to-Earn NFT based Polker.Game ‘s native token $PKR has been officially listed on the popular centralized exchange BitMart. Polker.game has been in the spotlight recently as Akon, the American R&B superstar and record producer gave his official endorsement of polker stating that the “game is revolutionary” and that Polker is “hands down.. the best play to earn, NFT game in the space.”. With the BitMart listing and celebrity endorsement from Akon, Polker is perfectly positioned to become a major player in the Play-to-Earn league. Watch Akon’s Video Here What is Play-to-Earn? Although not a new concept, play-to-earn has become a trending term due to the popularity of the NFT game AXIE infinity. In the past, previous play-to-earn games have also achieved success – however, thanks to the huge amount of development in the blockchain space in recent years the gaming experience is now massively improved. Play-to-Earn games are essentially free to play and open to anyone and...

China to Crack Down on Copyright Infringement Through NFTs

Authorities in China are going after creators of digital collectibles based on other people’s works of art, the use of which was not authorized. The government offensive is part of a campaign to combat online copyright infringement and piracy with the participation of several departments. Regulators in China Move to Strengthen Copyright Supervision of Online Platforms The National Copyright Administration of China (NCAC) has recently launched a campaign against copyright infringement and piracy on the internet, together with the Ministry of Industry and Information Technology, the Ministry of Public Security, and the State Internet Information Office of the People’s Republic. A major objective of the initiative is to improve copyright supervision of online businesses by investigating cases involving the sale and distribution of infringing products on short video, live broadcast and e-commerce platforms, and promptly dealing with infringing content, the agency announced in a press r...
Blogarama - Blog Directory