Windows Container Malware Targets Kubernetes Clusters
#1
Information 
Quote:Windows containers have been victimized for over a year by the first known malware to target Windows containers. The ongoing campaign pierces Kubernetes clusters so as to plant backdoors, allowing attackers to steal data and user credentials, or even hijack an entire databases hosted in a cluster
 
The malware was discovered by Unit 42 security researcher Daniel Prizmant. He dubbed it Siloscape, which he pronounces “Silo escape.” The malware pries open known vulnerabilities in web servers and databases so as to compromise Kubernetes nodes and to backdoor clusters.
 
In a post published on Monday, Prizmant wrote that Siloscape is heavily obfuscated malware targeting Kubernetes clusters through Windows containers, with the main purpose of opening “a backdoor into poorly configured Kubernetes clusters in order to run malicious containers.”
 
In a separate post, Unit 42 researchers Ariel Zelivansky and Matthew Chiodi compared containers to those used to package different materials together on cargo ships. They’re an easy way to run applications in the cloud, in that they pack different materials together for greater efficiency, allowing development teams to move fast and operate “at almost any scale.”
 
Running an application in a container this way is referred to as containerization, and like other remote ways to work, it’s picked up steam due to COVID-19. “We’ve seen more and more organizations using containers in the cloud in recent years, especially since the COVID-19 pandemic caused many to seek to move faster and deploy cloud workloads more efficiently,” the researchers noted.

Read more: Windows Container Malware Targets Kubernetes | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Messages In This Thread
Windows Container Malware Targets Kubernetes Clusters - by silversurfer - 08 June 21, 12:44

Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
uBOLite_2024.12.23.23
uBOLite_2024.12.23...harlan4096 — 10:29
You found a seed phrase from someone els...
Scammers have inve...harlan4096 — 09:58
Google files remedies proposal in DOJ's ...
The U.S. Departmen...harlan4096 — 09:48
PowerToys 0.87.1
PowerToys 0.87.1 ...harlan4096 — 09:46
GFYI [Official] EaseUS Christmas 2024 B...
Merry Christmas and ...zevish — 08:07

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>