Google warned its users that malicious actors could use the Google Cloud Platform to mine cryptocurrency. In its latest Cloud Threat Intelligence report titled “Threat Horizons,” which provides users with security insights, the company informed that 86% of the compromised instances on Google Cloud platforms were being used to mine cryptocurrencies. Many of the compromised accounts were either not secured at all or had weak passwords.
Google Cloud used to mine cryptocurrencies
Google has issued an alert to users regarding malicious actors who have compromised Google Cloud accounts in order to mine cryptocurrency. Google Cloud accounts can have processing power that could be used to execute malicious tasks. According to the first “Threat Horizons” report, issued by Google to raise awareness about the security weaknesses in its platform, 86% of the compromised accounts are used for this purpose.
According to the report, cryptocurrency mining on cloud platforms can cause high CPU and GPU usage. The report also mentions alternative cryptocurrency mining like Chia which uses storage space to mine resources.
The Causes and the Mitigation
Bad security was one of several reasons that led to the compromises of Google Cloud instances. Poor security due to a weak password, insufficient or non-existent access code or lack of API validation within the instance were two of the issues. These platforms can be easily accessed by malicious actors if they are not protected with basic security precautions. Similar problems are facing other cloud platforms.
After being compromised, most of the instances studied downloaded cryptocurrency mining software in under 22 seconds. This indicates that these instances have been targeted in a systematic attack. They were only trying to access the software for their own purposes. The malicious actors appear to actively track these unsecured Google Instances as 40 percent of them were compromised after eight hours. Google claimed:
The public IP address space has been routinely scan for Cloud instances that could be vulnerable. The question of whether a Cloud instance is vulnerable will not matter, but when.
The report suggests that users adhere to the best security practices, and use web scanning and container analysis, which will allow them to check the system for weaknesses through different methods like crawling.
How do you feel about malicious actors using Google Instances for cryptocurrency mining? Leave a comment below.
Image creditShutterstock. Pixabay. Wiki Commons
DisclaimerThis article serves informational purposes. This article is not intended to be a solicitation or offer to sell or buy any product, service, or company. Bitcoin.com is not a provider of investment, tax, legal or accounting advice. This article does not contain any information, products, or advice that can be used to cause or alleged result in any kind of damage.