New hacking campaign against Docker hosts detailed

20 January 2024

Attackers have been compromising vulnerable Docker services with the XMRig cryptocurrency mining malware and the 9HIts Viewer software as part of a novel hacking campaign that not only exfiltrates cryptocurrency but also generates fake website traffic, The Hacker News reports. Susceptible Docker servers potentially identified through a Shodan search have been breached to facilitate the deployment of containers containing the cryptominer and the viewer application, with the former using available CPU resources to establish a connection with a private mining pool to obfuscate the campaign while the latter uses the remaining resources to limit the performance of impacted servers, a report from Cado Security Labs showed.

Source: SC Magazine

Date:

20 January 2024

Categorie(s):

NEWS

Tag(s):

Breach, Containers, Docker, New, Open Source

Offensive Awakening: The 2024 Shift from Defensive to Proactive Security5 May 2024
End-to-end encryption may be the bane of cops, but they can’t close that Pandora’s Box5 May 2024
Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks5 May 2024
Navigating the Digital Age: AI’s Crucial Role in Cybersecurity Reinforcement5 May 2024
Dating apps kiss’n’tell all sorts of sensitive personal info4 May 2024