“Google in its new report “Threat Horizons” has alerted its users that 86% of the compromised instances on the Google Cloud are being used by the malicious actors for crypto mining. The user accounts who have been compromised include those who have kept weak passwords for their account.”
Cryptocurrency Mining using Google Cloud
Google in its recent security report has alerted its users regarding a security weakness in its cloud platform that is being used by the malicious actors for mining cryptocurrency. Google is trying to spread awareness regarding this new threat posed by the actors performing malicious activities, that out of all the accounts compromised in the Google Cloud platform 86% of the accounts are being used for the purpose of cryptocurrency mining.
Causes and Mitigation
The major cause of the vulnerability is the weak security parameters in place by the users accessing the cloud platforms. It has been found that users with weak passwords and poor API validation mechanisms in place are falling victim to such malicious activities. The company’s analysis shows that all such accounts that are compromised have downloaded a crypto mining software in less than 22 seconds of the compromise. This shows that these attacks are well planned and executed. Also, it has been found that the attackers are actively scanning for such weak security instances on Google Cloud as within a timeframe of 8 hours of deployment, such accounts are being compromised.
For the mitigation of such risks, Google requests its users to follow best security policies and set strong passwords and ensure strong API validations. Users can also perform container analysis and use web scanning tools to identify various vulnerabilities in their accounts to ensure they are quickly accounted for.
Disclaimer: The article should not be considered as any financial advice. It is advisable to conduct thorough research before investmenting.
Photo by – AaronJOlson on Pixabay