A hacking group has launched a new cryptojacking campaign earlier this week. The hackers have scanned over 59,000 IP networks searching for Docker platforms that have API endpoints exposed online, the report says.
According to the 26 November report, the campaign is targeting vulnerable Docker instances. The campaign lets the hackers send commands to the Docker instance and deploy a crypto-malware on a company’s Docker instances. This generates funds for the hackers’ own profits by mining Monero (XMP).
American internet security firm Bad Packets LLC first found the campaign on November 25.
Chief research officer and co-founder of Bad Packets LLC, Troy Mursch thinks that exploit activity targeting Docker systems with exposed API endpoints happens quite often. Last year, cybersecurity company Imperva reported that 400 Docker servers, which were remotely accessible through an API weakness, contained Monerno mining programs.
Mursch, who discovered the mass scanning issue, said that once the hackers manage to identify an exposed host, the attacher group deploys the API endpoint to start an Alpine Linux OS container. Afterward, the sent command downloads and runs a Bash script from the hackers’ server. That script installs a classic XMRRig crypto miner, Mursch says.
Docker is a tool that helps to create, deploy and run different applications easily by using containers. The containers allow a developer to package up an application with all of the needed parts. These include libraries and other dependencies and ship them as one package.
To avoid the recently detected vulnerability, Mursch says organizations and users who run Docker instances should immediately check if they are exposing their API endpoints on the internet, close the ports, and terminate unrecognized running containers.
Due to money laundering concerns BitBay, the major crypto exchange announced that the platform will delist Monero. Other exchanges such as OKEx delisted a slew of privacy-oriented coins including Monero. This occurred in September in order to remain compliant with the guidelines of the Financial Action Task Force.
In a world where economic uncertainty looms, and geopolitical tensions persist, investors often turn to precious metals as a reliable…
Key points: Apple collaborates with Taiwan Semiconductor to create AI chips for efficient data centre operations. Despite a 4% revenue…
Key Points Bitcoin's support is $63,350, with further levels at $62,800 and potential dips to $60,800. Key resistance at $64,500;…
Key Points: Amazon Web Service (AWS) has committed $8.87 billion to enhance data centre capabilities in Singapore over the next…
Key Points USD weakness fuels GBP surge; Dovish Federal Reserve Comments Hint at Possible rate cuts, boosting GBP/USD to 1.2560.…
Key Points: Brent oil futures increased by 0.5% to $83.73/barrel, and WTI up 0.6% to $78.56/barrel. Israeli military action in…
This website uses cookies.