Google is alerting users of hackers using Google Cloud to mine cryptocurrencies
By Admin
Google has warned users about malicious actors using its Google Cloud platform to mine cryptocurrencies. In its latest Cloud Threat Intelligence Threat Horizons report, which provides users with a security overview, the company reported that 86% of compromised accounts on Google Cloud platforms were being used to mine cryptocurrencies. Most of the hacked accounts had weak passwords or no password at all.
Google Cloud is used to mine cryptocurrencies. Google, the software giant, warns users of malicious actors that use hacked Google Cloud accounts to mine cryptocurrencies. Google Cloud accounts have access to processing power that can be easily redirected to perform malicious tasks. According to the first “Threat Horizons” report released by Google to raise awareness about security vulnerabilities in its platform, 86% of compromised accounts are used for this purpose (to mine cryptocurrencies).
The report notes that mining cryptocurrencies in the cloud causes high CPU and/or GPU power usage. It also refers to the mining of alternative cryptocurrencies such as Chia, which uses storage space as a mining resource. Causes and Solution The first reason for hacking of Google Cloud instances examined was poor security due to various issues.
One of these issues was a weak or non-existent password to access the platform, or lack of API verification in compromised cases. Without basic security measures in place, any hacker can easily take control of these systems. Other cloud platforms also face similar issues.
Most hackers downloaded cryptocurrency mining software in less than 22 seconds to hack accounts. This indicates that there are systematic attacks on these vulnerable instances, with the sole aim of using them for this purpose. Also, malicious actors appear to be actively tracking these unsecured instances of Google, since 40% of unsecured accounts were compromised within eight hours of being created.
Google stated: "This indicates that the public IP address space is routinely scanned for instances of vulnerable Cloud accounts. The issue is not if a vulnerable Cloud account is detected, but when." To mitigate these risks, the report recommends users follow basic security practices and implement Google Analytics and Web Scanning, tools that will search the system for security vulnerabilities using various techniques such as crawling. Source
DROPIDEA
We hope this article has added real value to you. At DROPIDEA, we always strive to deliver high-quality content that helps you grow and evolve in the digital space. Follow us for more useful articles and guides.
Admin
DROPIDEA
Latest Articles
“Nofollow” tag: What it is, how and where it is used, “Infographics”
ASUS ROG Flow Z13 (2025) available: Everything you could dream of in a gaming tablet.
The best 5 sites to download safe computer programs without malware!
Create a forum on WordPress using the bbPress plugin step by step
