Crypto-mining hackers have targeted Kubernetes clusters

Crypto-mining hackers have targeted Kubernetes clusters

According to Microsoft Senior Security Researcher Yossi Weizman, the attacks began at the end of last month as he and his team discovered a spike in TensorFlow machine learning pod deployments. An investigation of the entry point of the pods revealed deployment aimed to mine cryptocurrency.

Security researchers have warned of hackers’ continued attacks against Kubernetes clusters running Kubeflow machine learning (ML) instances by installing malicious containers that mine cryptocurrencies, such as Monero and Ethereum.

The hackers used two images in the attack. The first was the latest version of TensorFlow (tensorflow/tensorflow:latest), and the second was the latest version with GPU support (tensorflow/tensorflow:latest-gpu).

The images were legitimate but ran malicious crypto-mining code. The attackers abused the access to the Kubeflow centralized dashboard to create a new pipeline. Kubeflow Pipelines is a platform for deploying ML pipelines based on Argo Workflow. These dashboards were exposed to the internet instead of being only open to local access.

Hackers deployed at least two pods on each cluster: one for CPU mining, and the other for GPU mining. Both containers used open-source miners from GitHub: Ethminer in the case of the GPU container and XMRIG in the CPU one.

Weizman said that as part of the attack, hackers deployed a reconnaissance container that queries information about the environment, such as GPU and CPU information, as preparation for the mining activity. This also ran from a TensorFlow container.

The News Highlights

  • Crypto-mining hackers have targeted Kubernetes clusters
  • Check the latest update on Security news
  • .

Disclaimer: If you need to edit or update this news from compsmag then kindly contact us Learn more

For Latest News Follow us on Google News


Latest Headlines
  • Show all
  • Trending News
  • Popular By week
Sensata Technologies Reports First Quarter 2021 Financial Results

MST Pub receives 2021 Outstanding News Award from TSEP

During the COVID-19 pandemic, MST was forced to close for a few weeks, but quickly pivoted to carry-out and curbside pick-up. “It was really a matter of trying ...
Men’s Health Month is June, and that means it’s important to talk to your doctor about prostate health.

Men’s Health Month is June, and that means it’s important to talk to your doctor about prostate health.

Suggest a Correction Suggest a Correction Source So this Men’s Health Month, do the responsible thing and talk to your primary care physician about ...
With funding of 12 million euros, Polish finance company Booste is ready to offer revenue-based financing for a startup in the UK

With funding of 12 million euros, Polish finance company Booste is ready to offer revenue-based financing for a startup in the UK

Boost notes that the provided RBF is meant to be used by companies for growth activities. These include actions such as buying digital ads, marketing campaigns ...
Readers Respond: Crucial Financial Aid for Oregon Students

Readers Respond: Crucial Financial Aid for Oregon Students

Source www.oregonlive.com Thomas Stewart, Eugene As an alumnus, I care deeply about ensuring that all Oregon students have these same advantages. But ...
Crypto Shadow Banking explained and why 12% of earnings are common

‘Cyprus is not a tax haven’ – Minister of Finance

Petridis stated that he understands that “Cyprus does not decide alone and we are not alone in the world”, however he hopes that in the coming weeks the ...
Microsoft wants you to stop using consoles and instead play Xbox games on your TV

Microsoft wants you to stop using consoles and instead play Xbox games on your TV

“As a company, Microsoft is all-in on gaming,” chief executive Satya Nadella said in introducing the plan. “Three billion consumers look to gaming for ...
iPhone 13 dummy unit displays smaller notch and new camera module.

With ‘critical security improvements,’ Apple releases iOS 12.5.4 for older iPhones

The update is available for the iPad Air, the iPad mini 2, and iPad mini 3, as well as the 6th gen iPod touch, iPhone 5s, iPhone 6, and iPhone 6 Plus. All of ...
SHI International expands into Asia-Pacific region with new office in Australia

SHI International expands into Asia-Pacific region with new office in Australia

Press Resources: SHI Corporate Website: http://www.SHI.com SHI Blog: http://blog.SHI.com SHI Twitter Handle: @SHI_Intl For more information, visit ...
John McAfee fights extradition from Spain to the US for bomb fraud and encryption eviction

John McAfee fights extradition from Spain to the US for bomb fraud and encryption eviction

Source www.marketwatch.com McAfee was arrested last October at Barcelona’s international airport on a warrant issued by Tennessee. A judge ordered at that ...
Inside the $ 7 billion merger of Sequoia Financial and Wealthstone Advisors

Pembina highlights the growing momentum with business updates and a broad portfolio of opportunities

News Update Mr. Dilger added, “Throughout its history, Pembina has had an unwavering focus on developing meaningful relationships and creating value for all ...
Show next
Compsmag - Latest News from tech, business and health
Logo