{"id":256713,"date":"2020-04-06T17:22:28","date_gmt":"2020-04-06T21:22:28","guid":{"rendered":"https:\/\/insidebitcoins.com\/?p=256713"},"modified":"2020-04-06T17:22:28","modified_gmt":"2020-04-06T21:22:28","slug":"researchers-discover-sophisticated-cloud-based-mining-malware","status":"publish","type":"post","link":"https:\/\/insidebitcoins.com\/news\/researchers-discover-sophisticated-cloud-based-mining-malware","title":{"rendered":"Researchers Discover Sophisticated Cloud-Based Mining Malware\u00a0"},"content":{"rendered":"

Cybersecurity researchers are shedding their light on Bitcoin and cryptocurrencies once more, as a new strain of malware that functions with Bitcoin miners have been found.\u00a0<\/span><\/p>\n

In a\u00a0<\/span>report<\/span><\/a>\u00a0published earlier this month, cybersecurity firm Aqua Security confirmed that they\u2019ve come to notice a new and persistent malware campaign that targets thousands of Docker systems and runs on a Bitcoin miner.\u00a0<\/span><\/p>\n

A Massive Target Count\u00a0<\/span><\/strong><\/h2>\n

The company\u2019s report confirmed that it has been recording attacks for months now, as the malware\u2019s operators have chosen to target several thousand victims in a day. The target rate has essentially surpassed what the firm has seen before, the post confirmed.\u00a0<\/span><\/p>\n

Going even deeper, the firm identified that the malware is a Golang-based Linux agent that\u2019s called Kinsing. It looks out for misconfigurations in Docker API ports, then uses them to expand its operations. The malware also runs an Ubuntu container, which downloads it and tries to propagate it to as many hosts as possible.\u00a0<\/span><\/p>\n

The objective of the campaign is to deploy a crypto miner on a computer, thus enriching its owners. It does this by exploiting the vulnerability in the Docker port, then operating while also evading detection.\u00a0<\/span><\/p>\n

Aqua\u2019s study also showed some insights into the malware\u2019s components, with the firm explaining that the campaign is a proper example of how cloud-native environments can be corrupted and taken advantage of. The firm pointed out that attackers are more sophisticated in their approach, and enterprise security teams will need to be more effective in developing threat mitigation strategies.\u00a0<\/span><\/p>\n

The firm provided a few pointers to security teams, including the identification of all cloud-based resources that their clients use and grouping them into a logical structure. Authentication and authorization policies should also be properly reviewed, and basic security policies should be adjusted on the \u201cleast privilege\u201d basis.\u00a0<\/span><\/p>\n

Security companies can also look into logs to identify anomalous user actions and implement cloud security tools.\u00a0\u00a0<\/span><\/p>\n

Vollgar: The Silent Crypto Mining Malware<\/span><\/strong><\/h2>\n

Kinsing isn\u2019t the only sophisticated malware that\u2019s been making the rounds lately. Last week, Guardicore Labs announced that it had been able to identify a new mining malware strain that has been operating for up to 2 years.\u00a0<\/span><\/p>\n

In a blog post, the firm identified Vollgar, a threat actor that mines Vollar, a little-known altcoin. The firm explained that the malware<\/a> targets Windows machines that run on the MS-SQL servers \u2013 computers which, as it estimates, are only about 500,000 left in the world.\u00a0<\/span><\/p>\n

\u00a0While these servers are scarce, they\u2019ve become especially famous for the massive processing power that they provide, as well as the ability to store valuable personal and financial information. Guardicore Labs explained that once Vollgar infects a server, it kills off the processes of other threat actors entirely, then it deploys multiple backdoors, crypto miners, and Remote Access Trojans.\u00a0\u00a0<\/span><\/p>\n

Attacks with the tool have come from over 120 IP addresses, although most appear to be localized in China. Giardicore also opined that most of these machines are corresponding with compromised machines and are being used to target more victims.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Cybersecurity researchers are shedding their light on Bitcoin and cryptocurrencies once more, as a new strain of malware that functions with Bitcoin miners have been […]<\/a><\/div>","protected":false},"author":1770,"featured_media":71708,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[7596],"tags":[5549,10606,8217],"class_list":["post-256713","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency","tag-cryptocurrency","tag-cybersecurity","tag-malware"],"acf":[],"yoast_head":"\nResearchers Discover Sophisticated Cloud-Based Mining Malware\u00a0 - InsideBitcoins.com<\/title>\n<meta name=\"description\" content=\"Cybersecurity researchers are shedding their light on Bitcoin and cryptocurrencies once more, as a new strain of malware that functions with Bitcoin miners have been found.\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Researchers Discover Sophisticated Cloud-Based Mining Malware\u00a0\" \/>\n<meta property=\"og:description\" content=\"Cybersecurity researchers are shedding their light on Bitcoin and cryptocurrencies once more, as a new strain of malware that functions with Bitcoin miners have been found.\u00a0\" \/>\n<meta property=\"og:site_name\" content=\"InsideBitcoins.com\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-06T21:22:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2017\/09\/bitcoinist.commalware-buried-in-code-10-612999321205c279d71361d007a4e7430588e45b.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jimmy Aki\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@adejimi\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jimmy Aki\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"NewsArticle\",\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713#article\",\"isPartOf\":{\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713\"},\"author\":{\"name\":\"Jimmy Aki\",\"@id\":\"https:\/\/insidebitcoins.com\/#\/schema\/person\/a66ff7827d8bed054aa6be4e9d8c1dad\"},\"headline\":\"Researchers Discover Sophisticated Cloud-Based Mining Malware\u00a0\",\"datePublished\":\"2020-04-06T21:22:28+00:00\",\"dateModified\":\"2020-04-06T21:22:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713\"},\"wordCount\":520,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/insidebitcoins.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713#primaryimage\"},\"thumbnailUrl\":\"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2017\/09\/bitcoinist.commalware-buried-in-code-10-612999321205c279d71361d007a4e7430588e45b.jpg\",\"keywords\":[\"Cryptocurrency\",\"cybersecurity\",\"Malware\"],\"articleSection\":[\"Breaking Crypto News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713#respond\"]}],\"copyrightYear\":\"2020\",\"copyrightHolder\":{\"@id\":\"https:\/\/insidebitcoins.com\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713\",\"url\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713\",\"name\":\"Researchers Discover Sophisticated Cloud-Based Mining Malware\u00a0 - InsideBitcoins.com\",\"isPartOf\":{\"@id\":\"https:\/\/insidebitcoins.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713#primaryimage\"},\"image\":{\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713#primaryimage\"},\"thumbnailUrl\":\"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2017\/09\/bitcoinist.commalware-buried-in-code-10-612999321205c279d71361d007a4e7430588e45b.jpg\",\"datePublished\":\"2020-04-06T21:22:28+00:00\",\"dateModified\":\"2020-04-06T21:22:28+00:00\",\"description\":\"Cybersecurity researchers are shedding their light on Bitcoin and cryptocurrencies once more, as a new strain of malware that functions with Bitcoin miners have been found.\u00a0\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713#primaryimage\",\"url\":\"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2017\/09\/bitcoinist.commalware-buried-in-code-10-612999321205c279d71361d007a4e7430588e45b.jpg\",\"contentUrl\":\"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2017\/09\/bitcoinist.commalware-buried-in-code-10-612999321205c279d71361d007a4e7430588e45b.jpg\",\"width\":1024,\"height\":683},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/insidebitcoins.com\/#website\",\"url\":\"https:\/\/insidebitcoins.com\/\",\"name\":\"InsideBitcoins.com\",\"description\":\"Search & Compare Brokers within Crypto, Forex & Stocks\",\"publisher\":{\"@id\":\"https:\/\/insidebitcoins.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/insidebitcoins.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/insidebitcoins.com\/#organization\",\"name\":\"InsideBitcoins\",\"url\":\"https:\/\/insidebitcoins.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/insidebitcoins.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2022\/07\/insidebitcoins.svg\",\"contentUrl\":\"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2022\/07\/insidebitcoins.svg\",\"width\":195,\"height\":32,\"caption\":\"InsideBitcoins\"},\"image\":{\"@id\":\"https:\/\/insidebitcoins.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/insidebitcoins.com\/#\/schema\/person\/a66ff7827d8bed054aa6be4e9d8c1dad\",\"name\":\"Jimmy Aki\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/insidebitcoins.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2024\/04\/avatar_user_1770_1713269729-96x96.png\",\"contentUrl\":\"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2024\/04\/avatar_user_1770_1713269729-96x96.png\",\"caption\":\"Jimmy Aki\"},\"description\":\"Jimmy has been following the development of blockchain for several years, and he is optimistic about its potential to democratize the financial system. Jimmy's previously published work can be found on Business2Community, EconomyWatch, Learnbonds.com, Basketball Insiders, Buyshares.co.uk and a range of other leading media publications. Jimmy has also been investing in Bitcoin since 2018 and more recently in non-fungible tokens (NFTs) since their boom in 2021.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/jimiakinleye\/\",\"https:\/\/x.com\/adejimi\"],\"knowsAbout\":[\"Cryptocurrency\",\"Investment and Blockchain Development\"],\"jobTitle\":\"Editor\",\"url\":\"https:\/\/insidebitcoins.com\/author\/jimmyaki\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Researchers Discover Sophisticated Cloud-Based Mining Malware\u00a0 - InsideBitcoins.com","description":"Cybersecurity researchers are shedding their light on Bitcoin and cryptocurrencies once more, as a new strain of malware that functions with Bitcoin miners have been found.\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713","og_locale":"en_US","og_type":"article","og_title":"Researchers Discover Sophisticated Cloud-Based Mining Malware\u00a0","og_description":"Cybersecurity researchers are shedding their light on Bitcoin and cryptocurrencies once more, as a new strain of malware that functions with Bitcoin miners have been found.\u00a0","og_site_name":"InsideBitcoins.com","article_published_time":"2020-04-06T21:22:28+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2017\/09\/bitcoinist.commalware-buried-in-code-10-612999321205c279d71361d007a4e7430588e45b.jpg","type":"image\/jpeg"}],"author":"Jimmy Aki","twitter_card":"summary_large_image","twitter_creator":"@adejimi","twitter_misc":{"Written by":"Jimmy Aki","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713#article","isPartOf":{"@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713"},"author":{"name":"Jimmy Aki","@id":"https:\/\/insidebitcoins.com\/#\/schema\/person\/a66ff7827d8bed054aa6be4e9d8c1dad"},"headline":"Researchers Discover Sophisticated Cloud-Based Mining Malware\u00a0","datePublished":"2020-04-06T21:22:28+00:00","dateModified":"2020-04-06T21:22:28+00:00","mainEntityOfPage":{"@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713"},"wordCount":520,"commentCount":0,"publisher":{"@id":"https:\/\/insidebitcoins.com\/#organization"},"image":{"@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713#primaryimage"},"thumbnailUrl":"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2017\/09\/bitcoinist.commalware-buried-in-code-10-612999321205c279d71361d007a4e7430588e45b.jpg","keywords":["Cryptocurrency","cybersecurity","Malware"],"articleSection":["Breaking Crypto News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713#respond"]}],"copyrightYear":"2020","copyrightHolder":{"@id":"https:\/\/insidebitcoins.com\/#organization"}},{"@type":"WebPage","@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713","url":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713","name":"Researchers Discover Sophisticated Cloud-Based Mining Malware\u00a0 - InsideBitcoins.com","isPartOf":{"@id":"https:\/\/insidebitcoins.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713#primaryimage"},"image":{"@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713#primaryimage"},"thumbnailUrl":"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2017\/09\/bitcoinist.commalware-buried-in-code-10-612999321205c279d71361d007a4e7430588e45b.jpg","datePublished":"2020-04-06T21:22:28+00:00","dateModified":"2020-04-06T21:22:28+00:00","description":"Cybersecurity researchers are shedding their light on Bitcoin and cryptocurrencies once more, as a new strain of malware that functions with Bitcoin miners have been found.\u00a0","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713#primaryimage","url":"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2017\/09\/bitcoinist.commalware-buried-in-code-10-612999321205c279d71361d007a4e7430588e45b.jpg","contentUrl":"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2017\/09\/bitcoinist.commalware-buried-in-code-10-612999321205c279d71361d007a4e7430588e45b.jpg","width":1024,"height":683},{"@type":"WebSite","@id":"https:\/\/insidebitcoins.com\/#website","url":"https:\/\/insidebitcoins.com\/","name":"InsideBitcoins.com","description":"Search & Compare Brokers within Crypto, Forex & Stocks","publisher":{"@id":"https:\/\/insidebitcoins.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/insidebitcoins.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/insidebitcoins.com\/#organization","name":"InsideBitcoins","url":"https:\/\/insidebitcoins.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/insidebitcoins.com\/#\/schema\/logo\/image\/","url":"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2022\/07\/insidebitcoins.svg","contentUrl":"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2022\/07\/insidebitcoins.svg","width":195,"height":32,"caption":"InsideBitcoins"},"image":{"@id":"https:\/\/insidebitcoins.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/insidebitcoins.com\/#\/schema\/person\/a66ff7827d8bed054aa6be4e9d8c1dad","name":"Jimmy Aki","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/insidebitcoins.com\/#\/schema\/person\/image\/","url":"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2024\/04\/avatar_user_1770_1713269729-96x96.png","contentUrl":"https:\/\/insidebitcoins.com\/wp-content\/uploads\/2024\/04\/avatar_user_1770_1713269729-96x96.png","caption":"Jimmy Aki"},"description":"Jimmy has been following the development of blockchain for several years, and he is optimistic about its potential to democratize the financial system. Jimmy's previously published work can be found on Business2Community, EconomyWatch, Learnbonds.com, Basketball Insiders, Buyshares.co.uk and a range of other leading media publications. Jimmy has also been investing in Bitcoin since 2018 and more recently in non-fungible tokens (NFTs) since their boom in 2021.","sameAs":["https:\/\/www.linkedin.com\/in\/jimiakinleye\/","https:\/\/x.com\/adejimi"],"knowsAbout":["Cryptocurrency","Investment and Blockchain Development"],"jobTitle":"Editor","url":"https:\/\/insidebitcoins.com\/author\/jimmyaki"}]}},"_links":{"self":[{"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713"}],"collection":[{"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/users\/1770"}],"replies":[{"embeddable":true,"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/comments?post=256713"}],"version-history":[{"count":0,"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/posts\/256713\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/media\/71708"}],"wp:attachment":[{"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/media?parent=256713"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/categories?post=256713"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/insidebitcoins.com\/wp-json\/wp\/v2\/tags?post=256713"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}