Cryptocurrency miners are now hacking accounts of Cloud users, Google warns






© Provided by The Indian Express


Google has warned that cyber criminals are now hacking Google cloud accounts to mine cryptocurrency. Details of the hack were highlighted in Google’s first threat horizon report published by the company’s cybersecurity action team.

The report said that 86 percent of the compromised Google Cloud instances were used to perform cryptocurrency mining, a cloud resource-intensive for-profit activity, adding that in the majority of cases, the cryptocurrency mining software was downloaded within 22 seconds of the account being compromised.

Google’s cloud service is the one of the most popular remote storage system, where the tech giant stores customers’ data and files in a remote server—which is technically capable of being used for crypto mining. Cryptocurrency mining requires high-powered computers, that are competing to solve complex mathematical puzzles, in a process that makes intensive use of computing power and electricity.

Read more |Unregulated cryptocurrency fueling ransomware attacks globally: Report

Interestingly, Google noted that of 50 percent hacks of its cloud computing service, more than 80 percent were used to perform cryptocurrency mining.

Cloud customers continue to face a variety of threats across applications and infrastructure, and many successful attacks are “due to poor hygiene and a lack of basic control implementation,” Google said in its blog post.

Additionally, 10 percent of compromised Cloud instances were used to conduct scans of other publicly available resources on the internet to identify vulnerable systems, and 8 percent of instances were used to attack other targets. “While data theft did not appear to be the objective of these compromises, it remains a risk associated with the cloud asset compromises as bad actors start performing multiple forms of abuse,” Google added.

Read more |Regulators don’t have capability to monitor cyber risk in crypto exchanges: Raghuram Rajan

The tech giant has recommended its cloud customers to improve their security by enabling two-factor authentication—it is an extra layer of protection used to ensure the security of online accounts beyond just a username and…

Source…