Tech »  Topic »  Misconfigured Docker instances are being hacked to mine cryptocurrency

Misconfigured Docker instances are being hacked to mine cryptocurrency

3 weeks, 4 days ago   techradar.com
  • Security researchers spot new campaign targeting Docker instances
  • The attack deploys a cloud crypto miner, and a worm for further propagation
  • The miner generates the Dero currency

Hackers are building a botnet out of misconfigured Docker API instances and using it to mine the Dero cryptocurrency, experts have warned.

Security researchers from Kaspersky reported finding a “container zombie outbreak” that started with an exposed Docker API.

“This led to the running containers being compromised and new ones being created not only to hijack the victim’s resources for cryptocurrency mining but also to launch external attacks to propagate to other networks,” they explained.

Negotiations ongoing?

In this zombie outbreak, the “patient zero” is a misconfigured API that’s left open to the internet. There, the attackers deploy a piece of malware disguised as ‘nginx’, a high-performance, open-source web server and reverse proxy server.

The malware scans for vulnerable instances and ...


Copyright of this story solely belongs to techradar.com . To see the full text click HERE