$ 37,010
$ 1,255.6
$ 147.58


Cybersecurity researchers have identified a persistent and ambitious campaign that targets thousands of Docker servers daily with a Bitcoin (BTC) miner.

Aqua Security issued a threat alert over the attack in a report published earlier this month, which has ostensibly “been going on for months, with thousands of attempts taking place nearly on a daily basis.” The researchers said that “These are the highest numbers we’ve seen in some time, far exceeding what we have witnessed to date.”

Such scope and ambition indicate that the illicit Bitcoin mining campaign is unlikely to be “an improvised endeavor,” as the actors behind it must be relying on significant resources and infrastructure.

Using its virus analysis tools, Aqua Security has identified the malware as a Golang-based Linux agent, known as Kinsing. The malware propagates by exploiting misconfigurations in Docker API ports. It runs an Ubuntu container, which downloads Kinsing and then attempts to spread the malware to further containers and hosts.

The campaign’s end-goal — achieved by first exploiting the open port and then carrying through with a series of evasion tactics — is to deploy a crypto miner on the compromised host, the researchers say.

Aqua’s study provides detailed insight into the components of the malware campaign, which stands out as a forceful example of what the firm claims is “the growing threat to cloud native environments.”

Attackers are upping their game to mount ever more sophisticated and ambitious attacks, thee researchers note. In response, enterprise security teams need to develop a more robust strategy to mitigate these new risks.

Among their recommendations, Aqua proposes that teams identify all cloud resources and group them in a logical structure, review their authorization and authentication policies, and adjust basic security policies according to a principle of “least privilege.”

Teams should also investigate logs to locate user actions that register as anomalies, as well as implement cloud security tools to strengthen their strategy.

Last month, Singapore-based unicorn startup Acronis published the results of its latest cybersecurity survey. It revealed that 86% of IT professionals are concerned about cryptojacking — the industry term for the practice of using a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge.

Related Posts

Leave a Reply


Subscribe To Newsletter

For updates and exclusive offers, enter your e-mail below.

Popular Posts

Rumored new SEC head Gary Gensler could spell more regulation for digital asset industry
January 16, 2021By
Former Coinbase lawyer steps down as acting head of bank regulator OCC
January 16, 2021By
Kentucky legislators unveil plan to attract block reward miners
January 16, 2021By


Video Posts

The Future of Blockchain and Crypto in 2021
January 13, 20210
Importance Of Blockchain and Crypto Education
January 12, 20210

Crypto Stats

CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin37,010 0.21 % 2.56 % 9.33 %
Ethereum1,255.6 0.15 % 7.84 % 2.61 %
Tether1.000 0.16 % 0.14 % 0.25 %
Polkadot17.57 1.50 % 30.76 % 88.65 %
XRP0.2839 0.37 % 1.54 % 11.71 %
Cardano0.3499 1.16 % 14.56 % 13.64 %
Litecoin147.58 0.11 % 4.70 % 14.76 %
Bitcoin Cash500.91 0.53 % 4.47 % 14.35 %
Chainlink21.82 0.08 % 9.90 % 42.70 %
Stellar0.2976 0.59 % 6.30 % 1.82 %