Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
Attackers are exploiting poorly configured cloud accounts to mine crypto, Google warned users in a recent report.
Cryptocurrency mining is a computationally intensive activity. And Google Cloud customers can access it at a cost. However, miners are now hacking Google Cloud accounts for mining purposes.
In the report titled âThreat Horizons,â Googleâs cybersecurity team assessed various threats to Cloud users, providing details of the breaches.
Related Reading |Â Data Shows Crypto Hacks And Fraud In 2021 Are On Track For A New Record
The report also provided cybersecurity threat intelligence to cloud users. The aim is to enable them âbetter configure their environments and defenses in manners most specific to their needs.â
Crypto Miners Hacking Google Accounts
In the report, the cybersecurity team analyzed 50 recently compromised Google Cloud accounts. And out of those, 86% were related to crypto mining. âMalicious actors were observed performing cryptocurrency mining within compromised Cloud instances,â Google wrote.
Related Reading |Â Ethereum Miner Revenue Outpaces Bitcoin In 2021
The report also stated that in the majority of these incidents, the hackers downloaded crypto mining software to the compromised accounts within 22 seconds. The attacks were scripted, and it would have been impossible to manually stop them. Additionally, in 10% of these incidents, the hackers scanned other publicly available resources on the Internet to identify vulnerable systems. While in 8% of the instances, they attacked other targets.
However, as reported by the cybersecurity team, the crypto mining hacks were not the only attacks.
âThe cloud threat landscape in 2021 was more complex than just rogue cryptocurrency miners, of course,â wrote Bob Mechler, Google Cloud Director of the office of the Chief Information Security Officer, and Seth Rosenblatt, Google Cloud Security Editor, in a blog post.
Other Threats To Google Cloud Users
Another threat the team identified was a phishing attack by the Russian group called APT28, or Fancy Bear. The attackers targeted 12,000 Gmail accounts in a mass phishing attempt. They attempted to trick users into handing over their login details. Google, however, said it had blocked all the phishing emails, and no user was compromised.
The report also pointed out an attack by a North Korean government-backed group. This hacker group posed as Samsung recruiters, sending fake job opportunities to employees at South Korean information security companies. They attached a malicious link to malware stored in Google Drive. Google said it also blocked it.
Another threat to cloud users is ransomware attacks, whereby hackers encrypt usersâ data until they pay. In the report, Google mentions the formidable Black Matter ransomware group. And although the group announced that it was shutting down earlier this month, Google is still cautious. âGoogle has received reports that the Black Matter ransomware group has announced it will shut down operations given outside pressure. Until this is confirmed, Black Matter still poses a risk.â
Total crypto market at $2.4 Trillion | Source: Crypto Total Market Cap from TradingView.com
Google attributes some of these attacks to usersâ poor security practices. And also vulnerabilities in third-party software that the users install.
The report also recommends a few ways to prevent these attacks. One of which is enabling two-factor authentication.
Featured image by Dreamstime, Chart from TradingView.com
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.