Home → News → Machine Learning Clusters in Azure Hijacked to Mine... → Full Text

Machine Learning Clusters in Azure Hijacked to Mine Cryptocurrency

By Ars Technica

June 23, 2020

[article image]

Microsoft's Azure Security Center has reported a cryptojacking scheme in which attackers hijacked machine learning clusters inside the Azure cloud-computing service to mine cryptocurrency at the expense of the customers who rented those cluster.

The infected clusters were running Kubeflow, an open source framework for machine learning applications in Kubernetes, a platform for deploying scalable applications across numerous computers.

Microsoft investigators determined that the machines were compromised by customers who changed the default setting, which prevents people on the Internet at large from accessing the Kubeflow dashboard and making unauthorized changes to the cluster.

With access to the dashboard, attackers have several options for deploying backdoored containers in the cluster.

The compromised clusters identified by Microsoft numbered in the "tens," many of which ran an image available from a public repository, which the investigators said contained code that surreptitiously mined the Monero cryptocurrency.

From Ars Technica
View Full Article


Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


No entries found