Security News > 2021 > June > Windows Container Malware Targets Kubernetes Clusters

Windows Container Malware Targets Kubernetes Clusters
2021-06-07 17:18

Windows containers have been victimized for over a year by the first known malware to target Windows containers.

In a post published on Monday, Prizmant wrote that Siloscape is heavily obfuscated malware targeting Kubernetes clusters through Windows containers, with the main purpose of opening "a backdoor into poorly configured Kubernetes clusters in order to run malicious containers."

According to Zelivansky and Chiodi, this is the first time researchers have seen malware targeting Windows containers.

Last year, Prizmant documented one such way to break Windows container boundaries.

" Any process running in Windows Server containers should be assumed to have the same privileges as admin on the host, which in this case is the Kubernetes node.

"Siloscape shows us the importance of container security, as the malware wouldn't be able to cause any significant damage if not for the container escape," he wrote.


News URL

https://threatpost.com/windows-containers-malware-targets-kubernetes/166692/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Kubernetes 19 5 45 34 8 92