Cryptojacking Docker Platforms
News
Hackers Launched New Cryptojacking Campaign To Find Docker Platforms
November 28, 2019
Cryptojacking Docker Platforms
News
Hackers Launched New Cryptojacking Campaign To Find Docker Platforms
November 28, 2019

A group of hackers has launched a new cryptojacking campaign on November 24, scanning as many as 59,000 IP networks to find Docker platforms that have API endpoints exposed online.

On November 26, it has been reported by ZDNet, a business technology publication, that the campaign is targeting vulnerable Docker instances in order to deploy crypto-malware to generate funds for the hacking group by mining Monero (XMR).

It has been analyzed that the mass scanning issue was first discovered by Bad Packets LLC, the American internet security firm, on November 25.

However, Troy Mursch, the Chief Research Officer and Co-founder of Bad Packets LLC, said that exploit activity targeting exposed Docker instances is not new and happens quite often.

ALSO READ :  Bogotá Aprende TIC Launches Free Online Blockchain Courses

Docker is a developer tool designed to simplify processes of creating, deploying and running software by using containers. Containers allow developers to package up an application with all of the required parts like libraries and other dependencies and deliver it as one package.

In March 2018, Imperva, a cybersecurity company, reported that 400 Docker servers, which were remotely accessible through an API weakness, contained Monero mining programs.

Likewise, Mursch, who reportedly discovered the campaign, told that once the hacking group manages to identify an exposed host, attackers deploy the API endpoint to start an Alpine Linux OS container to run a command that downloads and runs a Bash script from the attackers’ server. That script then reportedly installs a “classic XMRRig cryptocurrency miner.”

According to Mursch, hackers mined 14.82 XMR in the two days the Docker-targeting campaign has been active, which is worth $835 at press time.

ALSO READ :  Forte Taps 5 New Blockchain Gaming Partners To Bring Out The Best Gaming Experience

So, in order to avoid the newly detected vulnerability, Mursch recommends that users who run Docker instances immediately check if they are exposing their API endpoints on the internet, close the ports, and terminate unrecognized running containers.

On November 25, BitBay, the major crypto exchange, announced that the platform will delist Monero due to money laundering concerns.

Thus, BitBay follows other exchanges like OKEx, who have delisted the cryptocurrency in order to remain compliant with guidelines set by the Financial Action Task Force.

Source: zdnet.com | blog.usejournal.com | cointelegraph.com

Disclaimer

Crypto News Point a news platform of Digital Notice Media Labs is primarily a regular publication of information, commentary and articles focused extensively on fintech, blockchain technology, cryptocurrency, blockchain-based tokens, cryptocurrency market trends, and trading strategies. We do not provide individually tailored investment advice and does not take a subscriber’s or anyone’s circumstances into consideration when discussing investments, nor is Crypto News Point registered as an investment adviser or broker-dealer in any jurisdiction. Information contained herein is not an offer or solicitation to buy, hold, or sell any digital assets.

Affiliate Disclosure: To help support the work we do here at CNP, we often link to products and deals from around the web. Should you buy some of these, we may get a portion of the sale.

We in generally gather content from the major websites. In every article there is always a clear link and attribution to the source publication. If you have any issue with any of our published content taken from your site, kindly let us know so that we can take appropriate action. In any case, the content of the pages of this website is for your general information and use only. It is subject to change without notice.

You May Also like

Ishita Bora

Ishita Bora is a Senior Content Creator at Digital Notice Media Labs with an experience of 1 year. She has completed her Master's Degree in Language and Linguistics in 2019 from Gauhati University, India. Her interest lies in blockchain technology and cryptocurrency space. She loves writing about blockchain and other blockchain-related articles.