Geeks for your information News Privacy & Security News v
Microsoft: Big Cryptomining Attacks Hit Kubeflow
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Microsoft: Big Cryptomining Attacks Hit Kubeflow
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,067 in 3,839 posts
Thanks Given: 6,263
Joined: 12 September 18
#1
Information  11 June 21, 11:12 (This post was last modified: 11 June 21, 11:13 by silversurfer.)
Quote:Microsoft has spotted a new, widespread, ongoing attack targeting Kubernetes clusters running Kubeflow instances, in order to plant malicious TensorFlow pods that are used to mine for cryptocurrency.
 
The Kubeflow open-source project is a popular framework for running machine learning (ML) tasks in Kubernetes, while TensorFlow is an end-to-end, open-source ML platform.
 
Given that the attack is still active, any new Kubernetes clusters that run Kubeflow could be compromised, according to Microsoft.
 
On Tuesday, Microsoft security researchers warned that toward the end of May, they saw a spike in deployments of TensorFlow pods on Kubernetes clusters – pods that are running legitimate TensorFlow images from the official Docker Hub account. But a closer look at the entry point of the pods revealed that their purpose is to mine cryptocurrency.
 
Yossi Weizman, senior security research software engineer at Microsoft’s Azure Security Center, said in a post on Tuesday that the “burst” of these malicious TensorFlow deployments was “simultaneous,” indicating that the attackers initially scanned the clusters, kept a list of potential targets, and then pulled the trigger on all of them at once.
 
Weizman explained that the attackers used two separate images: The first is the latest version of TensorFlow (tensorflow/tensorflow:latest) and the second is the latest version with GPU support (tensorflow/tensorflow:latest-gpu). The use of TensorFlow images in the cluster “makes a lot of sense,” Weizman said, given that “if the images in the cluster are monitored, usage of [a] legitimate image can prevent attackers from being discovered.”

Another reason why the attackers’ choice is understandable is that the TensorFlow image they chose is a convenient way to run GPU tasks using CUDA, which “allows the attacker to maximize the mining gains from the host,” he said. CUDA is a toolkit created by NVIDIA, used to develop, optimize and deploy GPU-accelerated apps.

Read more: Microsoft: Big Cryptomining Attacks Hit Kubeflow | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Advanced SystemCare PRO 17
Advanced SystemCare ...zevish — 10:04
How to install iOS 16 or iPadOS 16 publ...
IPhone X I Just buyi...thomasan — 08:30
Brave 1.65.114
Release Channel 1....harlan4096 — 06:53
Brave Search: Answer with AI takes over,...
Brave Search's new...harlan4096 — 06:33
Waterfox G6.0.12
Waterfox G6.0.12​ ...harlan4096 — 15:56

[-]
Birthdays
Today's Birthdays
avatar (47)oapedDow
avatar (40)Sanchowogy
Upcoming Birthdays
avatar (43)wapedDow
avatar (42)techlignub
avatar (41)Stevenmam
avatar (48)onlinbah
avatar (49)steakelask
avatar (43)Termoplenka
avatar (41)bycoPaist
avatar (47)pieloKat
avatar (41)ilyagNeexy
avatar (49)donitascene
avatar (49)Toligo
avatar (36)RobertUtelt

[-]
Online Staff
There are no staff members currently online.

>