艾金森
漂流瓶终于彻底拜拜 微信7.0.4新版体验
微信漂流瓶被玩坏了 聊聊漂流瓶里那些事
微信关闭漂流瓶 它曾经满足了我们对世界的好奇
微信暂停漂流瓶功能:对色情内容零容忍
[视频]惠普Chromebook x360 14 G1评测:搭载Chrome OS的商务变形本
特斯拉:北京客户可三年免息融资购车并免费租赁车牌
借贷宝:停止催收百名裸条女大学生 未满23岁将不得借贷
京东白条多地频现盗刷 消费者遭催收公司“逼债”
借款野蛮催收行为将被规范 真是几家欢喜几家愁
为规范网贷催收 上海互金协会发行业倡议书
腾讯解释为什么微信没有夜间模式 真相你相信吗?
一张发行8年的微信唱片:只收录了4首歌曲


漂流瓶终于彻底拜拜 微信7.0.4新版体验
微信漂流瓶被玩坏了 聊聊漂流瓶里那些事
微信关闭漂流瓶 它曾经满足了我们对世界的好奇
微信暂停漂流瓶功能:对色情内容零容忍
[视频]惠普Chromebook x360 14 G1评测:搭载Chrome OS的商务变形本
特斯拉:北京客户可三年免息融资购车并免费租赁车牌
借贷宝:停止催收百名裸条女大学生 未满23岁将不得借贷
京东白条多地频现盗刷 消费者遭催收公司“逼债”
借款野蛮催收行为将被规范 真是几家欢喜几家愁
为规范网贷催收 上海互金协会发行业倡议书
腾讯解释为什么微信没有夜间模式 真相你相信吗?
一张发行8年的微信唱片:只收录了4首歌曲


Tainted, crypto-mining containers pulled from Docker Hub
从DOCKER集线器中提取污染的加密采矿容器

当前位置: 艾金森 > 门户 > 新闻

点击量 32
编辑: 1   作者: Techcrunch   时间: 2018/10/30 23:57:31  

Security companies Fortinet and Kromtech found seventeen tainted Docker containers that were essentially downloadable images containing programs that had been designed to mine cryptocurrencies. Further investigation found that they had been downloaded 5 million times, suggesting that hackers were able to inject commands into insecure containers to download this code into otherwise healthy web applications. The researchers found the containers on Docker Hub, a repository for user images.

"Of course, we can safely assume that these had not been deployed manually. In fact, the attack seems to be fully automated. Attackers have most probably developed a script to find misconfigured Docker and Kubernetes installations. Docker works as a client/server architecture, meaning the service can be fully managed remotely via the REST API," wrote researcher David Maciejak.

The containers are now gone, but the hackers may have gotten away with up to $90,000 in cryptocurrency, a small but significant amount for such a hack.

"Today’s growing number of publicly accessible misconfigured orchestration platforms like Kubernetes allows hackers to create a fully automated tool that forces these platforms to mine Monero," said a writer of a report by Kromtech. "By pushing malicious images to a Docker Hub registry and pulling it from the victim’s system, hackers were able to mine 544.74 Monero, which is equal to $90,000."

“As with public repositories like GitHub, Docker Hub is there for the service of the community. When dealing with open public repositories and open source code, we recommend that you follow a few best practices including: know the content author, scan images before running and use curated official images in Docker Hub and certified content in Docker Store whenever possible," wrote Docker's head of security David Lawrence in a Threatpost report.

Interestingly, of late hackers have moved from attacking AWS Elastic Compute servers on Amazon's platform to Docker and other container-based systems. While there are security systems available to manage Docker and Kubernetes containers, users should remain vigilant and assess their vulnerabilities before hackers get more of an upper hand.