Home → News → Docker Servers Targeted by Kinsing Malware Campaign → Full Text

Docker Servers Targeted by Kinsing Malware Campaign

By ZDNet

April 14, 2020

[article image]

Over the past few months, a malware campaign has been scanning the Internet for Docker servers running API ports exposed without a password.

Then, the hackers are breaking into the unprotected hosts and installing a new crypto-mining software called Kinsing, according to researchers at Aqua Security.

After the hackers find a Docker instance with an exposed API port, they use the access to spin up an Ubuntu container, and download and install the Kinsing malware.

In addition to mining cryptocurrency on the hacked Docker instance, the malware runs scripts that remove other malware that may be running locally.

It also gathers local SSH credentials in an effort to spread to a company's container network, in order to infect other cloud systems with the same malware.

From ZDNet
View Full Article


Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


No entries found