Security News > 2021 > June > Windows Container Malware Targets Kubernetes Clusters
Windows containers have been victimized for over a year by the first known malware to target Windows containers.
In a post published on Monday, Prizmant wrote that Siloscape is heavily obfuscated malware targeting Kubernetes clusters through Windows containers, with the main purpose of opening "a backdoor into poorly configured Kubernetes clusters in order to run malicious containers."
According to Zelivansky and Chiodi, this is the first time researchers have seen malware targeting Windows containers.
Last year, Prizmant documented one such way to break Windows container boundaries.
" Any process running in Windows Server containers should be assumed to have the same privileges as admin on the host, which in this case is the Kubernetes node.
"Siloscape shows us the importance of container security, as the malware wouldn't be able to cause any significant damage if not for the container escape," he wrote.
News URL
https://threatpost.com/windows-containers-malware-targets-kubernetes/166692/
Related news
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
- New SteelFox malware hijacks Windows PCs using vulnerable driver (source)
- New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus (source)
- Windows, macOS users targeted with crypto-and-info-stealing malware (source)
- New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools (source)