Docker API servers being hit to spread cryptomining malware

Trending 1 month ago
  1. Home
  2. Technology
  3. Docker API servers being hit to spread cryptomining malware
Docker
(Image credit: Docker)

Hackers are targeting susceptible Docker distant API servers, and utilizing them to excavation cryptocurrencies connected nan underlying hardware, experts person warned.

Cybersecurity researchers from Trend Micro stated nan crooks took an “unconventional approach” pinch this attack, noting, "the threat character utilized nan gRPC protocol complete h2c to evade information solutions and execute their crypto mining operations connected nan Docker host."

"The attacker first checked nan readiness and type of nan Docker API, past proceeds pinch requests for gRPC/h2c upgrades and gRPC methods to manipulate Docker functionalities."

Which tokens are they mining?

The experts explained that nan crooks would first activity retired public-facing Docker API hosts wherever HTTP/2 protocol tin beryllium upgraded. Then, they would nonstop retired a petition to upgrade to nan h2c protocol which, aft conclusion, allows them to create a container. That instrumentality is yet utilized to excavation cryptocurrencies for nan attackers, via nan SRBMiner payload, hosted connected GitHub.

The researchers added nan crooks utilized SRBMiner to excavation nan XRP token, autochthonal to nan Ripple blockchain built by nan institution of nan aforesaid name. However, XRP is simply a minted token that cannot beryllium mined. We asked Trend Micro for clarification.

SRBMiner uses algorithms for illustration RandomX, KawPow for mining. It tin make a number of different tokens for its operators, but not XRP. Among nan disposable tokens are Monero, Ravencoin, Haven Protocol, Wownero, and Firo.

It’s safe to presume that nan crooks were really mining Monero, 1 of nan astir celebrated tokens among cybercriminals, fixed its precocious privateness and anonymity features. Monero is besides commonly mined via nan XMRig cryptojacker, and its ticker is XRM, rather adjacent to XRP.

Sign up to nan TechRadar Pro newsletter to get each nan apical news, opinion, features and guidance your business needs to succeed!

Trend Micro warned each users to unafraid their Docker distant API servers by implementing stronger entree controls and authentication mechanisms, frankincense barring entree to unauthenticated individuals. Furthermore, users are advised to show nan servers for different activities, and instrumentality champion practices for instrumentality security.

Via The Hacker News

More from TechRadar Pro

  • Windows and Linux servers turned into crypto miners
  • Here's a database of nan best firewalls today
  • These are nan best endpoint protection tools correct now

Sead is simply a seasoned freelance journalist based successful Sarajevo, Bosnia and Herzegovina. He writes astir IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, information breaches, laws and regulations). In his career, spanning much than a decade, he’s written for galore media outlets, including Al Jazeera Balkans. He’s besides held respective modules connected contented penning for Represent Communications.

More
Source Technology
Technology

Related Article

Viltrox is changing the game for camera lenses, with its latest premium prime matching Sony’s best for half the price

Viltrox is changing the game for camera lenses, with its latest premium prime matching Sony’s best for half the price

2 weeks ago
Professionals are facing "tech overload" as they try to juggle multiple devices in the workplace

Professionals are facing "tech overload" as they try to juggle multiple devices in the workplace

2 weeks ago
The Galaxy S25 Ultra's rumored iPhone-beating power could tempt me back to Android

The Galaxy S25 Ultra's rumored iPhone-beating power could tempt me back to Android

2 weeks ago

Popular Article

Soundcore’s newest clip-style earbuds focus on comfort

Soundcore’s newest clip-style earbuds focus on comfort

1 month ago
Better than Black Friday: shop record-low prices on Samsung TVs at Best Buy

Better than Black Friday: shop record-low prices on Samsung TVs at Best Buy

1 month ago
The iPhone SE might serve an unexpected surprise next year

The iPhone SE might serve an unexpected surprise next year

1 month ago
AirPods Pro 2's hearing health features will arrive as a software update starting next week

AirPods Pro 2's hearing health features will arrive as a software update starting next week

1 month ago
The best budget laptops for 2024

The best budget laptops for 2024

1 month ago
English (US) English (US) · Indonesian (ID) Indonesian (ID) ·
About Us · Contact Us · Terms & Conditions ·

©2024 Latest Tech News.
All Rights Reserved.