Security News > 2021 > June > Windows Container Malware Targets Kubernetes Clusters

The first known malware to target Windows containers has been victimizing them for over a year.
In a post published on Monday, Prizmant wrote that Siloscape is heavily obfuscated malware targeting Kubernetes clusters through Windows containers, with the main purpose of opening "a backdoor into poorly configured Kubernetes clusters in order to run malicious containers."
According to Zelivansky and Chiodi, this is the first time researchers have seen malware targeting Windows containers.
Last year, Prizmant documented one such way to break Windows container boundaries.
"Any process running in Windows Server containers should be assumed to have the same privileges as admin on the host, which in this case is the Kubernetes node."
"Siloscape shows us the importance of container security, as the malware wouldn't be able to cause any significant damage if not for the container escape," he wrote.
News URL
https://threatpost.com/windows-containers-malware-targets-kubernetes/166692/