According to Google, cybercriminals are mining cryptocurrencies via hacked cloud accounts. Last month, Google's Threat Analysis Group issued a similar warning, claiming that hackers were hacking into YouTube accounts to distribute bitcoin schemes. The hackers would also live broadcast movies promising bitcoin rewards in return for contributions initially, according to the group. According to Google, these hostile actors were also Russian speakers.
According to Google's Cybersecurity Action Team, 86 percent of the 50 compromised Google Cloud Platforms (GCPs) were used for bitcoin mining, which normally uses a lot of computational resources and storage space. Phishing schemes and ransomware were among the remaining cyber activity.
Exploits are still widespread in the digital assets area, especially now that there is so much money streaming in. In May, a hacker gang exploited a flaw in Salt, a popular infrastructure tool used by companies like IBM, LinkedIn, and eBay, to install crypto-mining malware on a business server. Furthermore, more than $600 million was taken in one of the largest crypto heists to date in August, using a weakness in the Poly Network, albeit part of the funds were restored.
Meanwhile, in March 2014, Mt. Gox, the world's largest bitcoin exchange at the time, declared bankruptcy after hackers stole $460 million in cryptocurrency. The majority of these assaults against GCPs are the result of customers' poor security practices, such as the use of weak or no passwords. In approximately 75 percent of all cases, malicious actors obtained access to Google Cloud instances by exploiting inadequate customer security policies or insecure third-party software, according to the research. Mining software was installed within 22 seconds of the assault in situations where hackers used accounts to mine cryptocurrency, rendering human interventions ineffectual in avoiding such attacks.
The greatest defense would be to not install a susceptible system or have automatic reaction systems. The team suggested numerous security measures to prevent similar assaults, including checking for weaknesses, employing two-factor authentication, and installing Google's "Work Safer" tool for security.
Photo: Kentoh / Thaimynguyen / BlackDovFX / Getty Images
Read next: Study Reveals Cybersecurity Threats Across Microsoft Windows OS In 2021 Have Reached Over 100 Million
According to Google's Cybersecurity Action Team, 86 percent of the 50 compromised Google Cloud Platforms (GCPs) were used for bitcoin mining, which normally uses a lot of computational resources and storage space. Phishing schemes and ransomware were among the remaining cyber activity.
Exploits are still widespread in the digital assets area, especially now that there is so much money streaming in. In May, a hacker gang exploited a flaw in Salt, a popular infrastructure tool used by companies like IBM, LinkedIn, and eBay, to install crypto-mining malware on a business server. Furthermore, more than $600 million was taken in one of the largest crypto heists to date in August, using a weakness in the Poly Network, albeit part of the funds were restored.
Meanwhile, in March 2014, Mt. Gox, the world's largest bitcoin exchange at the time, declared bankruptcy after hackers stole $460 million in cryptocurrency. The majority of these assaults against GCPs are the result of customers' poor security practices, such as the use of weak or no passwords. In approximately 75 percent of all cases, malicious actors obtained access to Google Cloud instances by exploiting inadequate customer security policies or insecure third-party software, according to the research. Mining software was installed within 22 seconds of the assault in situations where hackers used accounts to mine cryptocurrency, rendering human interventions ineffectual in avoiding such attacks.
The greatest defense would be to not install a susceptible system or have automatic reaction systems. The team suggested numerous security measures to prevent similar assaults, including checking for weaknesses, employing two-factor authentication, and installing Google's "Work Safer" tool for security.
Photo: Kentoh / Thaimynguyen / BlackDovFX / Getty Images
Read next: Study Reveals Cybersecurity Threats Across Microsoft Windows OS In 2021 Have Reached Over 100 Million