- Security researchers see new campaigns aimed at Docker instances
- The attack deploys a cloud cryptominer and a worm for further propagation
- The miner generates the Dero cryptocurrency
Hackers are building a botnet from misconfigured Docker API instances and using it to mine the Dero cryptocurrency, experts have warned.
Security researchers from Kaspersky reported finding a “container zombie outbreak” that started with an exposed Docker API.
“This led to the current containers being compromised and new ones being made, not only to hijack the resources of the victim for cryptocurrency mining, but also to launch external attacks to spread to other networks,” they explained.
In this zombie outbreak, the “Patient Zero” is a misconfigured API that remains open to the internet. There, the attackers deploy a piece of malware disguised as ‘Nginx’, a powerful, open-source web server and reverse proxy server.
The malware scans for vulnerable instances and infects them, then creates new malicious containers and forces existing ones to mine Dero. At the same time, it continues to spread to other systems.
This is a two-step process, Kaspersky explains. The fake ‘Nginx’ is the propagation tool that scans for new victims, while the miner is a cloud-based solution. Both components are written in Golang, making them rather difficult to detect.
Kaspersky also says that, unlike traditional cryptojacking campaigns, this one does not depend on a Command & Control (C2) server but spreads autonomously instead, like a worm.
Users who run Docker must check their API settings and ensure that the API is not exposed to the internet. Moreover, they must strengthen their credentials and perform regular security audits and monitoring.
Although cybercriminals usually hijack servers to mine Monero with XMRig, this is not the first time that researchers have seen Dero. According to The Hacker News, CrowdStrike saw Kubernetes clusters targeted in March 2023, and a subsequent iteration of the same campaign was spotted by Wiz in June 2024.
Just like Monero, Dero is also a privacy-oriented layer-1 blockchain, built to support decentralized applications (dApps) and smart contracts.