Some attackers are mining cryptocurrencies using “poorly established” accounts, according to Google’s Cybersecurity Action Team in a report aimed at analysing threats to Cloud users.
In fact, the Google team revealed on Wednesday that crypto mining was involved in 86% of the 50 investigated instances. That affected the Google Cloud Protocol. The hackers utilised the hacked Cloud accounts to gain access to resources from people’s CPUs or GPUs. In order to mine tokens or take advantage of storage space when mining currencies on the Chia Network.
However, rather than being limited to a single malicious action like crypto mining, many of the incursions were utilised as staging grounds for later attacks and the identification of other vulnerable systems, according to Google’s researchers. According to the cybersecurity team, the attackers typically gained access to Cloud accounts as a result of “poor customer security practises” or “weak third-party software”.
The attacks renowned for their speed as well
“Data theft does not appear to be the intent of these attacks”, the Cybersecurity Action Team stated. “However, it remains a worry associated with Cloud asset compromises. As bad actors continue to engage in a variety of misbehaviour”. “On the public Internet-facing Cloud instances, scanning and brute-force attacks were conceivable”.
The attacks renowned for their speed as well. According to Google’s analysis, hackers were able to download crypto mining software to compromised accounts in under 22 seconds in the majority of the cases analysed. “The initial attacks and subsequent downloads were orderly actions. That did not need human engagement”, Google asserted. Adding that actively acting to stop such events once they began would be exceedingly difficult.
An attack on multiple customers’ Cloud accounts in order to gain access to more computer power isn’t a new approach to unlawfully mine cryptocurrencies. Many in the sector call this “cryptojacking”. And there have been multiple high-profile incidents. Including a Capital One attack in 2019 that allegedly utilised credit card customers’ systems to mine bitcoin. Browser-based cryptojacking, as well as mining bitcoin after gaining access through fraudulent software downloads, remains a problem for many users.