Google warns users of malicious actors who use the cloud for cryptocurrencies mining-Bitcoin messages
Google warns users of malicious actors who use the cloud for cryptocurrencies mining-Bitcoin messages
Google warned users before using his Google Cloud platform by malicious players to boost cryptocurrencies. In its latest cloud threat intelligence report entitled "Threat Horizons", which offers users security insights, the company said that 86 % of the compromised instances on Google Cloud platforms were used to mining cryptocurrencies. Most of the compromised accounts were secured with weak passwords or without a password.
Google Cloud for mining cryptocurrencies
The software giant Google warns users of malicious actors who use compromised Google Cloud accounts to mining cryptocurrency. Google Cloud accounts have access to computing power that can be easily diverted to carry out malignant tasks. After the first "threat horizons" test report to draw attention to the security gaps in its platform 86 % of the compromised accounts used for this purpose.
The report states that mining cryptocurrencies in the cloud leads to a high level of utilization of the CPU and/or GPU performance. It also refers to the mining alternative cryptocurrencies such as chia Use storage space as a mining resource.
causes and remedy
The first cause of the compromising of the Google Cloud instances examined was the lack of security due to various problems. One of these problems was a weak or non-existent password for access to the platform or a lack of API validation in the instance. Without basic safety measures, a malicious player can easily take these platforms. Other cloud platforms are also in front of the door similar to Problems .
Most of the instances examined downloaded the cryptocurrency-mining software in less than 22 seconds after compromising. This shows that there are systematic attacks by these unsecured instances, with the sole intention of using them for this purpose. In addition, the malicious players seem to actively pursue these unsecured Google instances, since 40 % of the unsecured instances were compromised within eight hours after the provision. Google explained:
This indicates that the public IP address space is routinely scanned according to susceptible cloud instances. It does not matter whether a vulnerable cloud instance is recognized, but when.
In order to reduce these risks, the report recommends that the user to follow basic proven security practices and to implement container analyzes and web scans, tools that examine the system using various techniques such as crawling for safety weaknesses.
What do you think of the use of Google Instance to mining cryptocurrency by malicious players? Tell us in the comment area below.
Bedy verification : Shutterstock, Pixabay, Wiki Commons