Top IT Security Bloggers

Exposed Docker Control API and Community Image Abused to Deliver Cryptocurrency-Mining Malware

Through data analysis of the container honeypots we’ve set up to monitor threats, we’ve uncovered notable activities of undesired or unauthorized cryptocurrency miners being deployed as rogue containers using a community-contributed container image published on Docker Hub. The image is being abused as part of a malicious service that delivers cryptocurrency-mining malware. Networking tools are retrieved to carry out lateral movement on other exposed containers and applications.
The activities we uncovered are also significant in that they don’t need to exploit vulnerabilities and don’t depend on any version of Docker. Identifying a misconfigured and thus exposed container image is all it could take for attackers to infect many exposed hosts.
The post Exposed Docker Control API and Community Image Abused to Deliver Cryptocurrency-Mining Malware appeared first on .

Read the full article

Editor's Recommendations

Solution Centres

Brand Page

Events

View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release