January 29, 2023

Hackers used Microsoft Azure nodes to mine Monero

06/17/2020

Lena Jess

Hackers used Microsoft Azure nodes to mine Monero

Hackers used Microsoft Azure nodes to mine Monero

Microsoft Azure Cloud Service attacked by hackers in order to mine Monero cryptocurrency.

The attack target was the nodes that worked with the Kubeflow machine learning toolkit in Kubernetes. They are usually relatively powerful and include GPUs.

Having gained access to the control panel, the criminals introduced new server images into Kubernetes clusters, which, in turn, launched a program for cryptocurrency mining.

Microsoft has reported dozens of compromised Kubernetes clusters.

According to experts, the cyber attack has becomepossible due to incorrect manual settings of Kubeflow, since the default settings do not allow direct access to the control panel via the Internet and the possibility of making unauthorized changes to the cluster.

“We believe that some users have decidedChange settings for convenience. However, these changes violated the security of Kubeflow, which allowed attackers to perform certain operations, ”said Microsoft Azure Security Center security researcher Yossi Weizman.

According to the company, the attacks began in April 2020.

Recall that in February 2018, hackers gained access to Tesla's cloud infrastructure and used its resources to mine cryptocurrencies.