Microsoft Reveals Crypto Mining Attack on Kubeflow ML

  • Microsoft reported that it had discovered a number of Kubernetes clusters infected with a crypto mining code.
  • Kubernetes is an open-source machine learning toolkit that helps in easy automation of management, scaling of the applications.
  • However, since Kubeflow is an open-source project, it has fragile security. As a result, its dashboard compromised to the public.

Recently, Microsoft reported that it had discovered a number of Kubernetes clusters infected with a crypto mining code. According to experts, the code has been allegedly placed in the systems by the Kubeflow machine learning toolkits. 

What is Kubernetes?

Kubernetes, an open-source containerized system which helps in easy automation of management, scaling of the applications. Let us suppose several groups of hosts who are running Linux containers. So, what Kubernetes does is that it helps in managing the number of groups. Google is behind its design and development because Google was an early user of Linux container technology. Thus, for the hosting of the cloud applications that require fast scaling, data streaming Kubernetes is the best platform.

What is Kubeflow And The Risks Associated With It?

They are machine learning toolkits for the users of Kubernetes. The project aims at the machine learning technology and its extensive application. Further, it makes the work easier, scalable, and portable for the Kubernetes. Often its consideration is as a good target for users to mine cryptocurrency because of its cluster technology.

However, since Kubeflow is an open-source project, it has fragile security as a result of which its dashboard compromised to the public internet. Further, this provided access to the entire code to the culprits where they supplanted an image from some other public repository as a container in the cluster. Also, it executed the cryptocurrency miner.

In a recent interview, Microsoft Azure Security Centre’s, Yozzi Weizmann, briefly explained that Kubeflow is a containerized service. Hence, it is highly probable that criminals get access to the code and run the malicious image in the cluster.

Further suspected that the culprit had used the public dashboard to get access to the cluster. Moreover, a container from the cluster utilized to execute this malicious supplant. The attacker had used the mounted service account for this hack and managed to move the container and deploy it in the cluster.

It is a big difficulty that people in the digital world face. Besides, they must secure their platform with proper authentication and identification technologies before the attackers hack your platform to mine coins.

We Recomaned

Top Rated Trading Platforms

Top Rated Cryptocurrency Exchange

Partners