Market

Google reveals hacked cloud versions for mining cryptocurrencies

Google reveals hacked cloud versions for mining cryptocurrencies. Conventional mining and cryptocurrency mining may not be the same thing, but they still have something in common. Illegal mining in both forms harms the environment, the economy, public order and governance. Online attacks are very common including cryptocurrency mining abuse, phishing campaigns, ransomware, etc.

A new google cybersecurity report has Disclosure Lots of alarming statistics. In particular, the most compromised Google Cloud accounts are used for mining cryptocurrencies.

The Google Cybersecurity Action Team has published the first issue of Threat Horizons Insights. The report is based on threat intelligence observations from the Threat Analysis Group (TAG), Google Cloud Threat Intelligence for Chronicle, Trust and Safety, and many other internal teams.

Source: Google

The report states:

“Of the 50 recently compromised Google Cloud Platform (GCP) instances, 86% of the Google Cloud instances were used for mining cryptocurrencies – a for-profit process that uses a lot of cloud resources, often CPU / GPU resources or im Cases of Chia Mining, Storage Room ”.

Google cloud used for illegal cryptocurrency mining

According to the report, 10% of the compromised accounts are used to scan other public internet resources to identify vulnerable systems and 8% of the compromised accounts are used to attack targets.

The report also analyzes the cause of this situation. For example, 48% of violations are attributed to actors who gain access to a cloud instance connected to the Internet. You have no passwords or weak passwords from user accounts and API connections.

The attack activities mentioned are not new. In fact, more and more cloud platforms are falling victim to phishing and ransomware campaigns.

“In addition, attackers continue to exploit poorly configured instances of the cloud in order to profit from the mining of cryptocurrencies and the increasing data traffic. The ransomware universe continues to grow as several new ransomware have been discovered, which appear to be versions of existing malware with multiple combinations of capabilities. “

In addition, time also plays an important role in the attack on Google Cloud instances. The shortest time it takes to mine a vulnerable cloud instance on the internet is 30 minutes. Additionally, 58% of security breaches downloaded crypto mining software within 22 seconds of hacking the account.

The source: Google

Taking into account the above timeline, the first attacks and subsequent downloads are event-driven. No human intervention is required. The report says:

“The ability to intervene manually in these situations to prevent exploitation is almost impossible. The best defense is not to deploy a vulnerable system or use automated response mechanisms. “

In connection with Russian

The Russian government-backed APT28 attack group, also known as Fancy Bear, hacked around 12,000 Gmail accounts in a mass fraud attempt. Similar to the previously mentioned tasks, these scammers trick the user into changing credentials on a fake phishing site they control.

Another attack targeted a North Korea-backed hacking group posing as a recruiter for Samsung and sending fake job offers to employees of South Korean information security companies.

Aside from that, Bitcoin magazine recently reported that scammers mined YouTube videos and made at least $ 8.9 million from fake crypto giveaways in October alone.

With this dramatic increase in malicious activity, improving security by integrating two-factor authentication (2FA) must be a priority.

Join Bitcoin Magazine Telegram to keep track of news and comment on this article: https://t.me/coincunews

Follow the Youtube Channel | Subscribe to telegram channel | Follow the Facebook page

CoinX

Recent Posts

Best Coins to Buy in December 2024: Qubetics Offer 630% ROI, Polkadot Delivers on Interoperability and Near Protocol’s Scalability is Talk of the Town

Explore the best coins to buy in December 2024—Qubetics with its thrilling presale, Polkadot’s interoperability,…

5 hours ago

Crypto Market Outlook 2025 Key Factors to Watch

The Crypto Market Outlook 2025 highlights key areas: stablecoin growth, tokenization, crypto ETFs, DeFi innovation,…

8 hours ago

Bitcoin Quantum Computing Threat Expected to Take Decades

The Bitcoin quantum computing threat is years away, but reserves already support post-quantum signatures via…

8 hours ago

Best New Meme Coins to Invest in Today: BTFD Coin Wows Investors with Unmissable Stage-7 Price Reversal as Book of Meme and Snek Crash

Don't miss BTFD Coin's Stage-7 presale dip! Find out why it's leading the pack of…

8 hours ago

Crypto Hedge Funds Banking Issues Persist Over Recent Years

A WSJ survey reveals crypto hedge funds banking issues over three years, with 120 out…

8 hours ago

GraniteShares Crypto ETFs Target U.S. Crypto-Related Stocks

GraniteShares Crypto ETFs aim to offer leveraged exposure to crypto-focused stocks like Riot Platforms and…

8 hours ago

This website uses cookies.