RATE Group | Cryptojacking worm infects exposed Docker deployments
65573
post-template-default,single,single-post,postid-65573,single-format-standard,ajax_fade,page_not_loaded,,qode_grid_1300,side_area_uncovered_from_content,footer_responsive_adv,qode-content-sidebar-responsive,qode-child-theme-ver-1.0.0,qode-theme-ver-13.3,qode-theme-bridge,wpb-js-composer js-comp-ver-7.9,vc_responsive
 

Cryptojacking worm infects exposed Docker deployments

16 Oct Cryptojacking worm infects exposed Docker deployments

Posted at 17:48h in Cryptocurrency News by

[ad_1]

Attackers are exploiting Docker Engine deployments that are exposed to the internet without authentication to deploy and run cryptojacking malware on servers. A new cryptojacking botnet with self-spreading capabilities has infected over 2,000 such Docker deployments so far.

“There have been incidents of cryptojacking malware spreading as a worm, but this is the first time we see a cryptojacking worm spread using containers in the Docker Engine (Community Edition),” researchers from Palo Alto Networks said in a report released today. “Because most traditional endpoint protection software does not inspect data and activities inside containers, this type of malicious activity can be difficult to detect.”

A botnet with unusual behavior

The new worm has been dubbed Graboid and was distributed from Docker Hub, a public repository of Docker container images. Attackers uploaded images to Docker Hub with malicious scripts that, when executed, deployed the…

[ad_2]

Source link

Tags:
, , , , ,