HomeTechnologyGoogle: Cyber ​​criminals hack cloud accounts for crypto mining

Google: Cyber ​​criminals hack cloud accounts for crypto mining

Google warns of security risks in the cloud. (Image: Google)

The mining, i.e. prospecting, of crypto currencies such as Bitcoin and Ethereum works on the one hand on specially purchased, powerful hardware. After all, it’s about being rewarded for solving complex arithmetic problems with units of the respective digital currency. In addition to dedicated hardware, computing capacity in the cloud can also be used for mining. Users can use the services of so-called cloud mining providers for this. Cyber ​​criminals are apparently increasingly looking for other ways.

Report: crypto mining in third-party cloud accounts

Observations by various internal security teams, such as the Google Threat Analysis Group, suggest that criminal actors have gained access to compromised cloud instances to do crypto mining there. According to the cloud security report Threat Horizons, 86 percent of the last 50 hacked Google Cloud accounts were misused for mining cryptocurrencies. Accordingly, in the majority of these cases, software used for cryptomining was downloaded within 22 seconds.

The Google Cloud users, however, apparently didn’t make it too difficult for the criminals to hijack their accounts. Because in three quarters of the hacking cases, the attackers were able to fall back on weak security settings or vulnerable software from third-party providers. Poor account hygiene and the lack of a fundamental implementation of control mechanisms are the reason for a large number of successful attacks, emphasized Google.

Google stops phishing attack from Fancy Bear

The list of threats in cloud environments is of course more complex and not limited to criminal crypto miners, write Google Cloud security experts Bob Mechler and Seth Rosenblatt in a corresponding blog entry. The notorious Russian hacking group APT28 / Fancy Bear tried to carry out a phishing attack with emails to thousands of Gmail accounts. But Google was able to prevent that. North Korean hackers are said to have tried to spread ransomware via infected Google Drive downloads. They would have targeted employees of South Korean IT security companies.

You might also be interested in

Follow World Weekly News on

Adrian Ovalle
Adrian Ovalle
Adrian is working as the Editor at World Weekly News. He tries to provide our readers with the fastest news from all around the world before anywhere else.

Leave a Reply

Must Read