Malicious actors targeting the cloud for cryptocurrency-mining activities

2022-04-06 04:00

"Just a few hours of compromise could result in profits for the perpetrators. That's why we're seeing a continuous fight for cloud CPU resources. It's akin to a real-life capture-the-flag, with the victim's cloud infrastructure the battleground," said Stephen Hilt, Senior Threat Researcher at Trend Micro.

Threat actors are increasingly scanning for and exploiting these exposed instances, as well as brute-forcing SecureShell credentials, in order to compromise cloud assets for cryptocurrency mining, the report reveals.

Targets are often characterized by having outdated cloud software in the cloud environment, poor cloud security hygiene, or inadequate knowledge on how to secure cloud services and thus easily exploited by threat actors to gain access to the systems.

Mitigating the threat from malicious cryptocurrency mining attacks in the cloud Ensure systems are up-to-date and running only the required services.

Deploy firewall, IDS/IPS, and cloud endpoint security to limit and filter network traffic to and from known bad hosts.

Monitor traffic to and from cloud instances and filter out domains associated with known mining pools.

News URL

https://www.helpnetsecurity.com/2022/04/06/malicious-cryptocurrency-mining-groups/

#cloud #cryptocurrency #mining

News URL

Related news