Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?
Cryptojacking Chaos: Kubernetes Clusters Hijacked for Dero Mining Frenzy
Cybersecurity researchers have flagged a cryptojacking campaign exploiting misconfigured Kubernetes clusters to mine Dero cryptocurrency. Watch out for seemingly benign DaemonSets like “k8s-device-plugin” hiding malicious intentions.
Hot Take:
When it comes to cryptojacking, Kubernetes clusters are like the all-you-can-eat buffet of the cybercrime world — a hacker’s paradise where the only thing missing is a ‘Please Hack Me’ neon sign.
Key Points:
- Cryptojacking campaign targets misconfigured Kubernetes clusters to mine Dero cryptocurrency.
- Wiz researchers identified an updated variant of the attack first documented by CrowdStrike in March 2023.
- Malicious container images hosted on Docker Hub, disguised as legitimate “pause” containers, are used to deploy the miner.
- The attacker uses anonymous access and benign-sounding DaemonSets to infiltrate Kubernetes clusters.
- Additional tools include a Windows sample of the Dero miner and a dropper shell script to eliminate competing miners.
Already a member? Log in here