Cloud infrastructure attacks are becoming more sophisticated all the time, and according to a new security report, the majority of them have one major goal: mining cryptocurrency.
A new report issued today by Aqua Security’s cybersecurity-centric Team Nautilus, entitled “Evolution of Attacks in the Wild on Container Infrastructure,” relayed the results of extensive research and testing into the growing trend of attacks on cloud servers.
According to a release, there is a “growing, organized and increasingly sophisticated pattern of attacks on cloud native infrastructure.” And while the majority of the tracked attackers sought to use cloud computing resources to mine crypto, the release adds that the “methods used open the door for higher-value targets that leverage security gaps in container software supply chains and runtime environments.”
Aqua Security traced cloud infrastructure attacks for a full year, tracking more than 16,000 individual attacks back to various international locations. The report adds that there has been a dramatic uptick in such attacks since the start of 2020, suggesting an organized and systematic approach.
Aqua released a new 70-page #threat report by Team Nautilus, Aqua’s #cybersecurity research team, that reveals a growing, organized and increasingly sophisticated pattern of attacks on #cloudnative infrastructure.
“The attacks we observed are a significant step up in attacks targeting cloud native infrastructure,” said Team Nautilus head Idan Revivo, in a release. “We expect a further increase in sophistication, the use of evasion techniques and diversity of the attack vectors and objectives, since the widespread use of cloud native technologies makes them a more lucrative target for bad actors.”
The report suggests that “sophisticated evasion techniques” are being deployed, including using “vanilla” images that seem to be uncompromised, disabling other resource-draining malware, having time-delayed downloads for payloads, and using 64-bit encryption.
According to the report, about 95% of the attacks were aimed at mining cryptocurrency, and the total number of attacks jumped up 250% year-over-year.
This isn’t the first time we’ve heard about malicious attacks on servers with the aim of mining crypto. Earlier this year, security firm Guardicore issued a report about an active malware campaign that was hijacking Microsoft SQL Server (MS-SQL) machines globally to mine Monero and Vollar. It also noted that some attacks sought to disrupt other malware on hijacked systems, in order to fully command system resources.