Hackers Mass-Scanning Web for Docker Platforms to Mine Cryptocurrencies
Hackers Mass-Scanning Web for Docker Platforms to Mine Cryptocurrencies
Launched on Nov. 24, a new cryptojacking campaign uses Docker platforms that accept API endpoints exposed online to mine XMR.
5416 Total views
80 Total shares
A group of hackers has launched a new cryptojacking entrada on Nov. 24, scanning as many as 59,000 IP networks to observe Docker platforms that have API endpoints exposed online, business organisation engineering publication ZDNet reports Nov. 26.
According to the report, the campaign is targeting vulnerable Docker instances in society to deploy crypto-malware to generate funds for the hacking group by mining Monero (XMR).
The mass scanning consequence was first discovered by American internet security firm Bad Packets LLC on Nov. 25.
Troy Mursch, chief research officer and co-founder of Bad Packets LLC, said that exploit activity targeting exposed Docker instances is not new and happens quite oft. In March 2018, cybersecurity company Imperva reported that 400 Docker servers — which were remotely accessible through an API weakness — contained Monerno mining programs.
Hackers used a "classic" XMR crypto miner
Mursch, who reportedly discovered the entrada, told ZDNet that once the hacking group manages to identify an exposed host, attackers deploy the API endpoint to start an Alpine Linux Os container to run a control that downloads and runs a Bash script from the attackers' server. That script then reportedly installs a "classic XMRRig cryptocurrency miner."
According to Mursch, hackers mined 14.82 XMR in the two days the Docker-targeting entrada has been active, which is worth $835 at press time.
Docker is a developer tool designed to simplify processes of creating, deploying and running software by using containers. Containers allow developers to package up an application with all of the required parts similar libraries and other dependencies and deliver it as one packet.
In order to avoid the newly detected vulnerability, Mursch recommends that users who run Docker instances immediately bank check if they are exposing their API endpoints on the cyberspace, close the ports, and terminate unrecognized running containers.
On Nov. 25, major crypto commutation BitBay announced that the platform will delist Monero due to money laundering concerns. BitBay follows other exchanges like OKEx, who accept delisted the cryptocurrency in order to remain compliant with guidelines set by the Financial Action Task Strength.
Source: https://cointelegraph.com/news/hackers-mass-scanning-web-for-docker-platforms-to-mine-cryptocurrencies
Posted by: burnhamromay1946.blogspot.com
0 Response to "Hackers Mass-Scanning Web for Docker Platforms to Mine Cryptocurrencies"
Post a Comment