Hackers can install mining software using a compromised Google Cloud account within 30 seconds: report

Hackers can install mining software using a compromised Google Cloud account within 30 seconds: report



In a report designed to assess threats to cloud users, Google’s cybersecurity operations team stated that some attackers are using “poorly configured” accounts to mine cryptocurrency.

On Wednesday, the Google team Said Of the 50 breaches of the Google Cloud Protocol analyzed, 86% were related to crypto mining.Hackers use infected Cloud accounts to access personal CPU or GPU resources to mine tokens or exploit Storage space during mining On the Chia network.

However, Google’s team reports that many attacks are not limited to single malicious acts such as crypto mining, but are also rallying points for other hacking attacks and identification of other vulnerable systems. According to the cybersecurity team, attackers often gain access to cloud accounts because of “bad customer security practices” or “vulnerable third-party software.”

The Cyber ??Security Action Group stated: “Although data theft does not seem to be the target of these compromises, it is still a risk associated with compromise of cloud assets as bad actors begin to engage in various forms of abuse.” “Internet-oriented public cloud instances are right Scanning and brute force attacks are open.”

The speed of the attack is also worth noting. According to Google’s analysis, in most of the incidents analyzed, hackers were able to download encrypted mining software to the infected account within 22 seconds. Google stated that “the initial attack and subsequent downloads are scripted events that do not require manual intervention,” and said that once such incidents occur, it is almost impossible to manually intervene to prevent such incidents.

related: Google bans 8 “deceptive” encrypted apps in the Play Store

Attacking the cloud accounts of multiple users to gain additional computing power is not a new way to illegally mine cryptocurrencies.Many people in the industry know that there have been several high-profile incidents of “crypto hijacking” Including the 2019 hack of Capital One The server of credit card users is alleged to be used to mine cryptocurrency. However, Browser-based encryption hijacking And mining cryptocurrency after gaining access through deceptive application downloads is still a problem for many users.