Google has warned that Crypto miners and cyberhackers are nowadays using compromised cloud accounts to mine cryptocurrency.
Details for the same are included in a report by Google’s cybersecurity team. This identifies hacking threats against its cloud service. Other threats that are identified include Russian state hackers trying to get users’ passwords by warning that they have been supported by the government. North Korean hackers posing as Samsung job recruiters.
Mining is the name of the process by which blockchains such as the ones that are used in cryptocurrencies are regulated and verified. They also require a good amount of energy and significant computing power. Google reports that out of the 50 recent hacks on its cloud computing server, approximately more than 80% were used to perform cryptocurrency mining.
The report said that “86% of the compromised Google Cloud instances were used to perform cryptocurrency mining, a cloud resource-intensive for-profit activity”. Moreover, in the majority of the cases, the software required for mining cryptocurrency was downloaded within 22 seconds of the account being compromised. In three-quarters of the cloud hack, the attackers had taken advantage of poor customer security and unsafe third-party software.
What Google suggests
As most of the instances were used for mining cryptocurrency by the Crypto miners rather than targeting sensitive data. Analysts at Google estimate that the attackers scanned a range of Google cloud IP addresses, rather than targeting a particular range of customers.
Google suggests its cloud customers improve their security and include two-factor authentication. This basically means adding an additional layer of security on top of the normal user name and password.
GCP (Google Cloud Platform) Attacks
Google, the search engine giant claims that the basic objective of the report is to provide intelligence that is easy to execute. This will help the organizations to ensure that their cloud involvement remains safe and secure during any such cyber threats.
Other than crypto mining, the report also reveals that 10% of the compromised cloud instances were used to conduct scanning of other resources available to the general public on the internet. This was to identify other unsecured systems, and 8% of the instances were used to attack other targets.
According to Google, dealing with ransomware attacks, in which the files and data on a users’ systems are encrypted by the attacker until some payment is done for their release. The report points out the appearance of Black Matter, which it explains as a “formidable ransomware family”.
However, at the starting of the month, Black Matter said it was going to shut down because of the “pressure from the authorities”. Black Matter victims also include the Japanese tech group Olympus.
The report by Google said: “Google has received reports that the Black Matter ransomware group has announced it will shut down operations given outside pressure. Until this is confirmed, Black Matter still poses a risk.”
Sundar Pichai’s take on Crypto
Google CEO Sundar Pichai told about his take on cryptocurrency plans.
He shares that he does not own any of them. Adding that, wish he did. In an interview with Bloomberg Television. “I’ve dabbled in it, you know, in and out,” Pichai said.
Surprisingly, in 2018, Pichai told that his 11-year-old son was mining Cryptocurrency Ethereum on a family PC in his home.