Google reveals hacked cloud versions for mining cryptocurrencies

Google plans to invest $7 billion in the United States Offices in 2021

Google reveals hacked cloud versions for mining cryptocurrencies. Conventional mining and cryptocurrency mining may not be the same thing, but they still have something in common. Illegal mining in both forms harms the environment, the economy, public order and governance. Online attacks are very common including cryptocurrency mining abuse, phishing campaigns, ransomware, etc.

A new google cybersecurity report has Disclosure Lots of alarming statistics. In particular, the most compromised Google Cloud accounts are used for mining cryptocurrencies.

The Google Cybersecurity Action Team has published the first issue of Threat Horizons Insights. The report is based on threat intelligence observations from the Threat Analysis Group (TAG), Google Cloud Threat Intelligence for Chronicle, Trust and Safety, and many other internal teams.

money

Source: Google

The report states:

“Of the 50 recently compromised Google Cloud Platform (GCP) instances, 86% of the Google Cloud instances were used for mining cryptocurrencies – a for-profit process that uses a lot of cloud resources, often CPU / GPU resources or im Cases of Chia Mining, Storage Room ”.

Google cloud used for illegal cryptocurrency mining

According to the report, 10% of the compromised accounts are used to scan other public internet resources to identify vulnerable systems and 8% of the compromised accounts are used to attack targets.

The report also analyzes the cause of this situation. For example, 48% of violations are attributed to actors who gain access to a cloud instance connected to the Internet. You have no passwords or weak passwords from user accounts and API connections.

The attack activities mentioned are not new. In fact, more and more cloud platforms are falling victim to phishing and ransomware campaigns.

“In addition, attackers continue to exploit poorly configured instances of the cloud in order to profit from the mining of cryptocurrencies and the increasing data traffic. The ransomware universe continues to grow as several new ransomware have been discovered, which appear to be versions of existing malware with multiple combinations of capabilities. “

In addition, time also plays an important role in the attack on Google Cloud instances. The shortest time it takes to mine a vulnerable cloud instance on the internet is 30 minutes. Additionally, 58% of security breaches downloaded crypto mining software within 22 seconds of hacking the account.

money

The source: Google

Taking into account the above timeline, the first attacks and subsequent downloads are event-driven. No human intervention is required. The report says:

“The ability to intervene manually in these situations to prevent exploitation is almost impossible. The best defense is not to deploy a vulnerable system or use automated response mechanisms. “

In connection with Russian

The Russian government-backed APT28 attack group, also known as Fancy Bear, hacked around 12,000 Gmail accounts in a mass fraud attempt. Similar to the previously mentioned tasks, these scammers trick the user into changing credentials on a fake phishing site they control.

Another attack targeted a North Korea-backed hacking group posing as a recruiter for Samsung and sending fake job offers to employees of South Korean information security companies.

Aside from that, Bitcoin magazine recently reported that scammers mined YouTube videos and made at least $ 8.9 million from fake crypto giveaways in October alone.

With this dramatic increase in malicious activity, improving security by integrating two-factor authentication (2FA) must be a priority.

Join Bitcoin Magazine Telegram to keep track of news and comment on this article: https://t.me/coincunews

Follow the Youtube Channel | Subscribe to telegram channel | Follow the Facebook page

Google reveals hacked cloud versions for mining cryptocurrencies

Google plans to invest $7 billion in the United States Offices in 2021

Google reveals hacked cloud versions for mining cryptocurrencies. Conventional mining and cryptocurrency mining may not be the same thing, but they still have something in common. Illegal mining in both forms harms the environment, the economy, public order and governance. Online attacks are very common including cryptocurrency mining abuse, phishing campaigns, ransomware, etc.

A new google cybersecurity report has Disclosure Lots of alarming statistics. In particular, the most compromised Google Cloud accounts are used for mining cryptocurrencies.

The Google Cybersecurity Action Team has published the first issue of Threat Horizons Insights. The report is based on threat intelligence observations from the Threat Analysis Group (TAG), Google Cloud Threat Intelligence for Chronicle, Trust and Safety, and many other internal teams.

money

Source: Google

The report states:

“Of the 50 recently compromised Google Cloud Platform (GCP) instances, 86% of the Google Cloud instances were used for mining cryptocurrencies – a for-profit process that uses a lot of cloud resources, often CPU / GPU resources or im Cases of Chia Mining, Storage Room ”.

Google cloud used for illegal cryptocurrency mining

According to the report, 10% of the compromised accounts are used to scan other public internet resources to identify vulnerable systems and 8% of the compromised accounts are used to attack targets.

The report also analyzes the cause of this situation. For example, 48% of violations are attributed to actors who gain access to a cloud instance connected to the Internet. You have no passwords or weak passwords from user accounts and API connections.

The attack activities mentioned are not new. In fact, more and more cloud platforms are falling victim to phishing and ransomware campaigns.

“In addition, attackers continue to exploit poorly configured instances of the cloud in order to profit from the mining of cryptocurrencies and the increasing data traffic. The ransomware universe continues to grow as several new ransomware have been discovered, which appear to be versions of existing malware with multiple combinations of capabilities. “

In addition, time also plays an important role in the attack on Google Cloud instances. The shortest time it takes to mine a vulnerable cloud instance on the internet is 30 minutes. Additionally, 58% of security breaches downloaded crypto mining software within 22 seconds of hacking the account.

money

The source: Google

Taking into account the above timeline, the first attacks and subsequent downloads are event-driven. No human intervention is required. The report says:

“The ability to intervene manually in these situations to prevent exploitation is almost impossible. The best defense is not to deploy a vulnerable system or use automated response mechanisms. “

In connection with Russian

The Russian government-backed APT28 attack group, also known as Fancy Bear, hacked around 12,000 Gmail accounts in a mass fraud attempt. Similar to the previously mentioned tasks, these scammers trick the user into changing credentials on a fake phishing site they control.

Another attack targeted a North Korea-backed hacking group posing as a recruiter for Samsung and sending fake job offers to employees of South Korean information security companies.

Aside from that, Bitcoin magazine recently reported that scammers mined YouTube videos and made at least $ 8.9 million from fake crypto giveaways in October alone.

With this dramatic increase in malicious activity, improving security by integrating two-factor authentication (2FA) must be a priority.

Join Bitcoin Magazine Telegram to keep track of news and comment on this article: https://t.me/coincunews

Follow the Youtube Channel | Subscribe to telegram channel | Follow the Facebook page

Leave a Reply