Image Source
Less than a month ago, we were talking about supercomputers - usually dedicated to research - who had been hijacked to mine Monero. Today, computers from the giant Microsoft’s Azure network have been infected with malware. This malware allows hackers to undermine the famous anonymous crypto.
Specialized computers victims of crypto-jacking
Microsoft published the news on June 10 on its official blog. Hackers took advantage of a configuration problem with some of the firm's computers. The latter, dedicated to machine learning, were hijacked to mine Monero (XMR).
Specifically, hackers have targeted Kubernetes clusters on Microsoft’s Azure cloud network.
Hackers have taken advantage of poor configurations of the Kubeflow development kit. They were then able to install on these machines the XMRIG software, specialized in the mining of Monero.
Microsoft gives as an example the image of a corrupted file, where we see the configuration of the crypto-malware including the XMRIG miner:
Code running XMRIG mining software on infected machines - Source: microsoft.com/security/blog
A flaw created unintentionally by Kubeflow users
Kubeflow is an open-source project. It has been popularized as a framework for performing machine learning tasks. The nodes used for these tasks are often powerful machines and often include graphics cards (GPUs). As Microsoft security says, "It makes it a perfect target for crypto-mining [attack] campaigns."
If hackers have successfully introduced their malicious mining software, it is because of the imprudence of some users regarding the configuration of Kubeflow.
Indeed, the dashboard of machines using this solution is, by default, only accessible via the internal network connecting these computers in Kubernetes clusters. However, developers, a priori in order to facilitate access to machines, have modified the default access to the dashboard, to make it directly accessible via the Internet.
With this configuration, users have created unsecured access to the Kubeflow dashboard, which has been exploited by hackers who are fans of Monero.
Hackers are always ready to take advantage of the smallest door left open to them. Their ingenuity in successfully mining Monero on various computers is quite impressive!
Binance is a trading platform for altcoins. It has a very high level of performance. Indeed, it allows you to perform a large number of operations per second, is available in several languages, offers very responsive customer support and adapts very quickly to new forks.
Please register through this link: https://www.binance.com/en/register?ref=I574DY23
