BRThere have been a number of cryptojacking attacks targeted at Kubeflow, a machine learning toolkit. These attacks are carried out to install cryptocurrency block reward miners who might be exposed.
Reports from a Microsoft post revealed that the attacks started in April and so far, they have targeted various clusters of the Kubernetes application which runs Kubeflow.
This primary work of the nodes is to carry out machine learning tasks with a major capacity to process cryptocurrencies in illegal hands.
Speaking on the matter was a Security Research Software Engineer at the Azure Security Center, Yossi Weizman. According to him, this is the first attack targeted at just Kubeflow they have discovered
In his words, “Azure Security Center has detected multiple campaigns against Kubernetes clusters in the past that have a similar access vector: an exposed service to the internet. However, this is the first time that we have identified an attack that targets Kubeflow environments specifically…When deploying a service like Kubeflow within a cluster it is crucial to be aware of security aspects…”
He stressed that a reason why Kubernetes clusters are major targets for cryptojackers is due to the fact that much power is needed to run machine learning tasks.
Further speaking, he said “Nodes that are used for ML tasks are often relatively powerful, and in some cases include GPUs…This fact makes Kubernetes clusters that are used for ML tasks a perfect target for crypto mining campaigns, which was the aim of this attack,”
When cybercriminals hijack resources in order to power cryptocurrency block reward miners, a cryptojack has just occurred. Any cryptocurrency generated by the block reward miners in this illegal act will be properties of the cybercriminals.
Over the years, there have been a stark increase in the number of cryptojacking attacks recorded. The activity may soon become a regular one for cybercriminals.
With these attacks, all Kubeflow users are advised to stay on alert and watch out for any cyber threat. Also, security measures should be taken to protect their nodes.