Security News > 2020 > June > Microsoft Azure users leave front door open for cryptomining crooks
2020-06-15 14:30
Microsoft just found a campaign that exploits Kubernetes to install cryptomining software in its Azure cloud.
Kubernetes is an open source project that lets administrators manage software containers en masse, and it runs in cloud infrastructures like Microsoft's Azure.
Kubeflow is an open source framework that implements Tensorflow on top of Kubernetes, and Tensorflow is a system originally developed by Google for training AI systems.
The Azure Security Center found a malicious container running as part of a Kubeflow implementation.
Someone pwned a Tesla Kubernetes Amazon Web Services deployment in 2018, exploiting an administrative console that wasn't password protected and then installing a miner on the system.