Friday, February 26, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Docker servers infected with DDoS malware in extremely rare attacks

June 27, 2020
in Internet Security
Docker servers infected with DDoS malware in extremely rare attacks
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Up until recently, Docker servers misconfigured and left exposed online have been historically targeted with cryptocurrency-mining malware, which has helped criminal groups generate huge profits by hijacking someone else’s cloud resources.

However, in a report published this week, security researchers from Trend Micro have discovered what appears to be the first organized and persistent series of attacks against Docker servers that infect misconfigured clusters with DDoS malware.

You might also like

This chart shows the connections between cybercrime groups

Spy agency: Artificial intelligence is already a vital part of our missions

Chinese cyberspies targeted Tibetans with a malicious Firefox add-on

According to Trend Micro, the two botnets are running versions of the XORDDoS and the Kaiji malware strains. Both malware operations have a long and well-documented history, especially XORDDoS, which has been spotted used in the wild for many years.

However, the two DDoS botnets had usually targeted routers and smart devices, and never complex cloud setups, such as Docker clusters.

“XORDDoS and Kaiji have been known to leverage telnet and SSH for spreading before, so I see Docker as a new vector which increases the potential of the botnet, a green field full of fresh fruit to pick with no immediate competitors,” Pascal Geenens, cybersecurity evangelist at Radware, told ZDNet via email earlier this week.

“Docker containers will typically provide more resources compared to IoT devices, but they typically run in a more secured environment, and it might be hard to impossible for the container to perform DDoS attacks,” Geenens added.

“The unique perspective of IoT devices such as routers and IP cameras is that they have unrestricted access to the internet, but typically with less bandwidth and less horsepower compared to containers in a compromised environment,” the Radware researcher told ZDNet.

“Containers, on the other hand, typically have access to way more resources in terms of memory, CPU, and network, but the network resources might be limited to only one or a few protocols, resulting in a smaller arsenal of DDoS attack vectors supported by those ‘super’ bots.”

However, these limitations don’t usually impact crypto-mining botnets, which only need an open HTTPS channel to the outside world, Geenens said.

But despite the limitations in how a DDoS gang could abuse hacked Docker clusters, Geenens says this won’t stop hackers from attacking this “green field full of fresh fruit to pick” as there are very few vulnerable IoT devices that haven’t been infected already, which has forced hackers to target Docker servers to begin with.

And on a side note, Geenens also told ZDNet that he suspects that DDoS operators are already quite familiar with Docker systems already.

While this is the first time they’re hacking Docker clusters, Geenens believes hackers often use Docker to manage their own attack infrastructure.

“I have no immediate proof, but I’m pretty sure that in the same way as legitimate applications benefit from [Docker’s] automation and agility (DevOps), so will illegal applications.”

The most common source of Docker hacks is the management interface (API) being left exposed online without authentication or being protected by a firewall. For readers looking to secure their servers, that would be a good first thing to check.

In its report, Trend Micro also recommends that server administrators secure their Docker deployments by following a series of basic steps, detailed here.

Credit: Zdnet

Previous Post

W3BCLOUD secures $20.5 million funding for blockchain data centres

Next Post

Explanation of AlexNet and its leap for CNNs

Related Posts

This chart shows the connections between cybercrime groups
Internet Security

This chart shows the connections between cybercrime groups

February 26, 2021
Spy agency: Artificial intelligence is already a vital part of our missions
Internet Security

Spy agency: Artificial intelligence is already a vital part of our missions

February 26, 2021
Chinese cyberspies targeted Tibetans with a malicious Firefox add-on
Internet Security

Chinese cyberspies targeted Tibetans with a malicious Firefox add-on

February 26, 2021
SolarWinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021
Internet Security

SolarWinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021

February 26, 2021
Facebook bans Myanmar military-controlled accounts from its platforms
Internet Security

Facebook bans Myanmar military-controlled accounts from its platforms

February 25, 2021
Next Post
Explanation of AlexNet and its leap for CNNs

Explanation of AlexNet and its leap for CNNs

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Machine Learning & Big Data Analytics Education Market: Soaring Demand Assures Motivated Revenue Share During 2020-2030 – KSU
Machine Learning

Machine Learning & Big Data Analytics Education Market: Soaring Demand Assures Motivated Revenue Share During 2020-2030 – KSU

February 26, 2021
This chart shows the connections between cybercrime groups
Internet Security

This chart shows the connections between cybercrime groups

February 26, 2021
Basic laws of physics spruce up machine learning
Machine Learning

New machine learning tool facilitates analysis of health information, clinical forecasting

February 26, 2021
Creative Destruction and Godlike Technology in the 21st Century | by Madhav Kunal
Neural Networks

Creative Destruction and Godlike Technology in the 21st Century | by Madhav Kunal

February 26, 2021
Spy agency: Artificial intelligence is already a vital part of our missions
Internet Security

Spy agency: Artificial intelligence is already a vital part of our missions

February 26, 2021
Blockchain lags behind other technologies in finance adoption for now, says Broadridge
Blockchain

Blockchain lags behind other technologies in finance adoption for now, says Broadridge

February 26, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Machine Learning & Big Data Analytics Education Market: Soaring Demand Assures Motivated Revenue Share During 2020-2030 – KSU February 26, 2021
  • This chart shows the connections between cybercrime groups February 26, 2021
  • New machine learning tool facilitates analysis of health information, clinical forecasting February 26, 2021
  • Creative Destruction and Godlike Technology in the 21st Century | by Madhav Kunal February 26, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates