Security News > 2022 > November > Docker Hub repositories hide over 1,650 malicious containers
Over 1,600 publicly available Docker Hub images hide malicious behavior, including cryptocurrency miners, embedded secrets that can be used as backdoors, DNS hijackers, and website redirectors.
Docker Hub is a cloud-based container library allowing people to freely search and download Docker images or upload their creations to the public library or personal repositories.
Docker images are templates for the quick and easy creation of containers that contain ready-to-use code and applications.
Due to abuse of the service by threat actors, over a thousand malicious uploads introduce severe risks to unsuspecting users deploying malware-laden images on locally hosted or cloud-based containers.
Many malicious images discovered by Sysdig used typosquatting to impersonate legitimate and trusted images, only to infect users with crypto-miners.
The size of the Docker Hub public library does not allow its operators to scrutinize all uploads daily; hence many malicious images go unreported.