Even crypto-miners want to move to the cloud

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • PCHF IT Feeds
    PCHF Bot
    • Jan 2015
    • 54580

    #1

    Even crypto-miners want to move to the cloud

    Numerous threat actors are reportedly duking it out for access to the limited cloud computing power they can use for cryptocurrency mining activities.

    A report by Trend Micro describing, “A floating battleground navigating the landscape of cloud-based cryptocurrency mining”, claims there’s an “hour-by-hour” battle between multiple groups over which gets to use compromised cloud servers as miners.

    “Just a few hours of compromise could result in profits for the perpetrators. That’s why we’re seeing a continuous fight for cloud CPU resources. It’s akin to a real-life capture-the-flag, with the victim’s cloud infrastructure the battleground,” said Stephen Hilt, Senior Threat Researcher at Trend Micro.

    TechRadar needs you!
    We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a £100 Amazon gift card (or equivalent in USD). Thank you for taking part.
    Click here to start the survey in a new window p>
    [HEADING=1]Increasing costs[/HEADING]
    “Threats like this need joined-up, platform-based security to ensure the bad guys have nowhere to hide. The right platform will help teams map their attack surface, assess risk, and apply for the right protection without adding excessive overheads.”

    Compute power in the cloud is excessive, but not all of it is available to cybercrooks. Trend Micro is saying that the groups are only able to exploit exposed instances, which usually have outdated cloud software, poor cloud security hygiene, or are being run by people with inadequate knowledge on how to secure the services.

    Brute-forcing SecureShell (SSH) credentials is also sometimes used, the researchers have added.

    Cloud computing has proven pivotal for the survival of many businesses during the pandemic. But some have been left online for longer than needed, the report claims, which means they’re now sitting unpatched and misconfigured.

    Read more
    Cryptominers were the most common malware threat in 2021

    Cryptominers now gobbling up AMD CPUs because graphics cards are too expensive

    Best mining rigs and mining PCs for Bitcoin, Ethereum and more
    Compromised systems will not only slow down key user-facing services for targeted organizations, but can also increase their operating costs by up to 600%. After all, a cryptocurrency miner needs significant computing resources as well as electricity, and a stable internet connection.

    Trend Micro also says that some groups use miners as a “side gig”, to earn a few extra bucks as they wait for a customer willing to buy access to the compromised endpoints.

    To remain secure, the researchers advise companies to always keep their systems updated, to run only required services, to deploy firewalls, IDS/IPS, and cloud endpoint security solutions, to eliminate configuration errors, to monitor traffic to and from cloud instances, and to deploy rules that monitor open ports, changes to DNS routing, and utilization of CPU resources from a cost perspective.

    [ul]
    [li]To stay safe from the threats in the cyberspace, make sure to deploy one of the best antivirus solutions available today[/li][/ul]

    Continue reading…
Working...