Trusted

Hackers Attack Cloud Infrastructures to Mine Cryptocurrencies

2 mins
Updated by Dani P
Join our Trading Community on Telegram
A prolonged bear market plagues the market — but cybercriminals still find cryptocurrency mining attacks on business cloud infrastructures worth the effort.
Hackers attack servers and cloud infrastructures of companies primarily with the aim of mining cryptocurrency, the cybersecurity branch of the American telecoms operator AT&T revealed. According to a research paper published by cybersecurity experts of the company, attackers target businesses of all sizes with the aim of exploiting their computing power for digital currency mining purposes. Hackers use four major strategies to get their hands on enterprise computer systems:
  1. Through container management platforms
  2. Through control panel exploitation
  3. Through stealing application programming interfaces (APIs)
  4. Via spreading Docker images infected with malicious code
cryptocurrency mining While the implementations may be different, the essence is the same — to intercept control over web services and cloud infrastructures to run malicious mining code and potentially get access to user data. Attackers use compromised open APIs and unauthenticated management interfaces to hack container management platforms or control panes and install scripts that will run in the background and mine digital coins. Individuals often leave public API keys publicly accessible — which is akin to having the door of your house wide open while inviting burglars to come in and help themselves. Hackers automatically scan web sites and public resources like GitHub for publicly available API keys and use them to get access to business systems and operations. Infected docker images is another tool used by hackers to run mining software and generate income for themselves at the expense of users who download prebuilt docker images with containers operating a mining software. cryptojacking There are numerous ways to detect illicit mining activity on business cloud infrastructures. AT&T offers several recommendations that will reveal mining attacks on cloud systems, including monitoring command line parameters that might look like crypto-mining tools such as xmrig. However, you should understand that something goes wrong — even before you see a suspicious process is running on the background. Cryptocurrency mining is a power-intensive activity, so servers performance is likely to fall while dragging down the efficiency of the operations in general. According to AT&T, hackers breached a server in Amazon Web Services and got unrestricted access to a company’s servers to mine Monero (XMR) and potentially steal customers data. The same story happened to Tesla, where hackers ran a well-hidden cryptojacking campaign on some of the company’s Amazon Web Services cloud infrastructure. Also, an unknown hacker made LA Times readers mine Monero for them by infiltrating a CoinHive script into the newspaper’s Amazon S3 bucket. The attacker even left a message for LA’s server admin, asking them to renew the AWS S3 bucket settings to prevent access. Have you ever fallen victim to cryptojacking? What do you do to protect yourself from cryptocurrency hackers? Let us know in the comments below. 
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Tanya-Chepkova.png
Tanya Chepkova
Tanya started as a financial news feed translator and worked as a financial analyst, news editor and content creator in various Russian and Foreign media outlets. She came to the cryptocurrency industry in 2016.
READ FULL BIO
Sponsored
Sponsored