Security News > 2020 > June > Microsoft Azure users leave front door open for cryptomining crooks

Microsoft Azure users leave front door open for cryptomining crooks
2020-06-15 14:30

Microsoft just found a campaign that exploits Kubernetes to install cryptomining software in its Azure cloud.

Kubernetes is an open source project that lets administrators manage software containers en masse, and it runs in cloud infrastructures like Microsoft's Azure.

Kubeflow is an open source framework that implements Tensorflow on top of Kubernetes, and Tensorflow is a system originally developed by Google for training AI systems.

The Azure Security Center found a malicious container running as part of a Kubeflow implementation.

Someone pwned a Tesla Kubernetes Amazon Web Services deployment in 2018, exploiting an administrative console that wasn't password protected and then installing a miner on the system.


News URL

https://nakedsecurity.sophos.com/2020/06/15/microsoft-azure-users-leave-front-door-open-for-cryptomining-crooks/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2819 161 4399