Security News > 2021 > June > Microsoft warns of cryptomining attacks on Kubernetes clusters

Microsoft warns of cryptomining attacks on Kubernetes clusters
2021-06-09 17:05

Microsoft warns of an ongoing series of attacks compromising Kubernetes clusters running Kubeflow machine learning instances to deploy malicious containers that mine for Monero and Ethereum cryptocurrency.

The attacks had started towards the end of May when Microsoft security researchers observed a sudden increase in TensorFlow machine learning pod deployments.

While the pods were legitimate from the official Docker Hub repository, the attackers modified them to mine for cryptocurrency on compromised Kubernetes clusters by deploying ML pipelines using the Kubeflow Pipelines platform.

"The attack is still active, and new Kubernetes clusters that run Kubeflow get compromised," Weizman warned.

This campaign follows a similar campaign from April 2020, which also abused powerful Kubernetes clusters as part of a large-scale cryptomining campaign.

Even though Microsoft detected several other campaigns targeting Kubernetes clusters in the past exploiting Internet-exposed services, the April 2020 campaign was the first time an attack specifically targeted Kubeflow environments.


News URL

https://www.bleepingcomputer.com/news/security/microsoft-warns-of-cryptomining-attacks-on-kubernetes-clusters/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2820 161 4400
Kubernetes 19 5 45 34 8 92