Hacked cloud accounts are being used to mine crypto, says Google


A report released this week by Google indicates that a majority of recently attacked accounts on its Google Cloud Platform service were used to mine cryptocurrency.

The Threat Horizons report for November stated that "[m]alicious actors were observed performing cryptocurrency mining within compromised Cloud instances."

"Of 50 recently compromised GCP instances, 86% of the compromised Google Cloud instances were used to perform cryptocurrency mining, a cloud resource-intensive for-profit activity, which typically consumed CPU/GPU resources, or in cases of Chia mining, storage space," the report went on to say.

As for the modes of attack, Google contended that the majority of cases involved "poor" practices on the part of Cloud users or third-party applications that introduced vulnerabilities.

"As shown in Table 2, 48% of compromised instances were attributed to actors gaining access to the Internet-facing Cloud instance, which had either no password or a weak password for user accounts or API connections," Google said. "As a result, these Google Cloud instances could be easily scanned and brute forced. 26% of compromised instances were attributed to vulnerabilities in third-party software, which was installed by the owner."

The report doesn't indicate over what timeline those Google Cloud instances were attacked; however, the report does provide a window into the extent that digital workspaces continue to be a target for would-be malicious miners. 

Trending Stories

Get Your Crypto
Daily Brief

Delivered daily, straight to your inbox.

5 Steps to a Successful Crypto AML Program

As cryptocurrencies become increasingly mainstream, regulators, the media and policymakers are paying more attention to the financial crime risks associated with them. But what are the biggest compliance challenges crypto firms face, and what does a best practice AML program look like? 
Read Full Story
Sponsored Post

Layer-2 Scaling Solutions: A Framework for Comparison - Commissioned by Polygon

Ethereum had a breakout year in 2021. It’s native asset, ETH’s, market capitalization surpassed $500 billion for the first time. Its network facilitated upwards of $7 trillion value transfer. Non-fungible tokens (NFTs) emerged as another “killer application” that have put its technology on the global stage and caught the attention of the masses.
Read Full Story
May 5, 2022, 3:17PM UTC

The TRON Ecosystem Thrives Amidst Market Chaos

TRON DAO has announced the launch of a $10 million incentive fund in light of recent events to support Terra developers migrating to the TRON ecosystem, including TRON’s EVM compatible cross-chain solution BitTorrent Chain (BTTC), which helps facilitate the seamless transfer of assets across mainstream public chains, including TRON, Ethereum, and BNB Chain. 
Read Full Story
Sponsored Post