The mining, i.e. prospecting, of crypto currencies such as Bitcoin and Ethereum works on the one hand on specially purchased, powerful hardware. After all, it’s about being rewarded for solving complex arithmetic problems with units of the respective digital currency. In addition to dedicated hardware, computing capacity in the cloud can also be used for mining. Users can use the services of so-called cloud mining providers for this. Cyber criminals are apparently increasingly looking for other ways.
Report: crypto mining in third-party cloud accounts
Observations by various internal security teams, such as the Google Threat Analysis Group, suggest that criminal actors have gained access to compromised cloud instances to do crypto mining there. According to the cloud security report Threat Horizons, 86 percent of the last 50 hacked Google Cloud accounts were misused for mining cryptocurrencies. Accordingly, in the majority of these cases, software used for cryptomining was downloaded within 22 seconds.
The Google Cloud users, however, apparently didn’t make it too difficult for the criminals to hijack their accounts. Because in three quarters of the hacking cases, the attackers were able to fall back on weak security settings or vulnerable software from third-party providers. Poor account hygiene and the lack of a fundamental implementation of control mechanisms are the reason for a large number of successful attacks, emphasized Google.
Google stops phishing attack from Fancy Bear
The list of threats in cloud environments is of course more complex and not limited to criminal crypto miners, write Google Cloud security experts Bob Mechler and Seth Rosenblatt in a corresponding blog entry. The notorious Russian hacking group APT28 / Fancy Bear tried to carry out a phishing attack with emails to thousands of Gmail accounts. But Google was able to prevent that. North Korean hackers are said to have tried to spread ransomware via infected Google Drive downloads. They would have targeted employees of South Korean IT security companies.