Kubernetes Clusters Used to Mine Monero by Attackers


A group of attackers discovered a new attack vector that uses a vulnerability in the permission system of Argo Workflows, one of the most used execution engines for Kubernetes, to install cryptocurrency mining modules in machines connected to the internet. This vulnerability means that every instance of Kubernetes, one of the most used cloud computing systems, could be used to mine Monero if it is paired with Argo Workflows.

A report from Intezer, a cybersecurity firm, informs they have already identified infected nodes and others vulnerable to this attack. The unprotected nodes allow any user to ping them and insert their own workflows into the system. This means anyone can use the resources in a vulnerable system and direct them to any task.

Luckily for attackers, there are several Monero-based cryptocurrency mining containers that can be leveraged easily to start mining Monero using these Kubernetes machines. Most of them are derived from kannix/monero-miner, but there are more than 45 other containers available to use. This is why security experts are anticipating large-scale attacks involving this vulnerability.

Cloud Computing Vulnerability

This is just one of the recent attack vectors compromising cloud computing platforms and being used to enable cryptocurrency mining. Just last month, Microsoft informed of a similar attack that also targeted Kubernetes clusters with Kubeflow machine learning (ML) instances. Attackers use the vulnerable nodes to mine monero and also ethereum using Ethminer.

Attacks to this kind of platform started gaining traction back in April 2020, when Microsoft reported an instance that caused tens of thousands of infections in just two hours. These attacks have also prompted companies to switch their policies to avoid abuse. This is the case of Docker, which had to put limits to the free tier of its product because attackers were using its autobuild function to deploy cryptocurrency miners in its free servers.

Read the article:  With NFT-Accelerated Ecological Convergence, Glittering Collection Totems Will Be Available for Sales in Blind Boxes

What do you think about these attacks targeting Kubernetes nodes? Tell us in the comments section below.

Every trader who trades cryptocurrency on the Binance exchange wants to know about the upcoming pumping in the value of coins in order to make huge profits in a short period of time.
This article contains instructions on how to find out when and which coin will participate in the next “Pump”. Every day, the community on Telegram channel Crypto Pump Signals for Binance publishes 1-2 free signals about the upcoming “Pump” and reports on successful “Pumps” which have been successfully completed by the organizers of the VIP community.
These trading signals help earn from 20% to 150% profit in just a few hours after purchasing the coins published on the Telegram channel “Crypto Pump Signals for Binance”. Are you already making a profit using these trading signals? If not, then try it! We wish you good luck in trading cryptocurrency and wish to receive the same profit as VIP users of the Crypto Pump Signals for Binance channel. Examples can be seen on this page!
John Lesley/ author of the article

John Lesley is an experienced trader specializing in technical analysis and forecasting of the cryptocurrency market. He has over 10 years of experience with a wide range of markets and assets - currencies, indices and commodities.John is the author of popular topics on major forums with millions of views and works as both an analyst and a professional trader for both clients and himself.

Leave a Reply