Cryptocurrency miners busted with compromised Google Cloud instances

Google has released a report that busted illegal cryptocurrency mining that was being routed through Google Cloud servers.

Published Mon, Nov 29 2021 2:32 AM CST   |   Updated Sun, Dec 19 2021 7:30 AM CST

Update: Malicious actors gained access to the Google Cloud instances by taking advantage of poor customer security practices or vulnerable third-party software in nearly 75% of all cases. As shown in Table 2, 48% of compromised instances were attributed to actors gaining access to the Internet-facing Cloud instance, which had either no password or a weak password for user accounts or API connections. As a result, these Google Cloud instances could be easily scanned and brute forced. 26% of compromised instances were attributed to vulnerabilities in third-party software, which was installed by the owner.

Google's Cybersecurity Action team has released a report called the "Threat Horizons Executive Snapshot", which details ongoing online threats through trend tracking and other data pools.

Cryptocurrency miners busted with compromised Google Cloud instances 01 |

The report was included threat intelligence observations from the Threat Analysis Group, Google Cloud Threat, Intelligence for Chronicle, Trust and Safety group, and other internal teams. Cryptocurrency mining abuse was specifically mentioned in the report, with it stating that bad actors were observed mining cryptocurrency within a compromised Cloud instance.

The report states, "Of 50 recently compromised GCP instances, 86% of the compromised Cloud instances were used to perform cryptocurrency mining, a Cloud resource-intensive, for-profit activity. Additionally, 10% of compromised Cloud instances were used to conduct scans of other publicly available resources on the Internet to identify vulnerable systems, and 8% of instances were used to attack other targets.

Adding,"While data theft did not appear to be the objective of these compromises, it remains a risk associated with the cloud asset compromises as bad actors start performing multiple forms of abuse."

Additionally, Google's report indicates that 86% of 50 Google Cloud accounts downloaded cryptocurrency mining software within 22 seconds of the account being compromised. If you are interested in reading more about this story, check out Google's report here.

Buy at Amazon

Bitcoin Commemorative Coin 24K Gold Plated BTC Limited Edition

TodayYesterday7 days ago30 days ago
* Prices last scanned on 5/22/2022 at 1:20 am CDT - prices may not be accurate, click links above for the latest price. We may earn an affiliate commission.

Jak joined the TweakTown team in 2017 and has since reviewed 100s of new tech products and kept us informed daily on the latest science and space news. Jak's love for science, space, and technology, and, more specifically, PC gaming, began at 10 years old. It was the day his dad showed him how to play Age of Empires on an old Compaq PC. Ever since that day, Jak fell in love with games and the progression of the technology industry in all its forms. Instead of typical FPS, Jak holds a very special spot in his heart for RTS games.

Newsletter Subscription

Related Tags

Newsletter Subscription
Latest News
View More News
Latest Reviews
View More Reviews
Latest Articles
View More Articles