Quote:A unique cyberattack campaign that targets Kubeflow, a machine-learning toolkit for Kubernetes, has affected large swathes of container clusters, according to Microsoft.
The Kubeflow open-source project is a popular framework for running machine-learning (ML) tasks in Kubernetes. According to an analysis this week, a suspicious Kubeflow image was seen deployed to thousands of clusters in April, all from a single public repository. Closer inspection showed that the image runs a common open-source cryptojacking malware that mines the Monero virtual currency, known as XMRIG.
“Nodes that are used for ML tasks are often relatively powerful, and in some cases include GPUs [graphics processors],” explained Yossi Weizman, security research software engineer at Microsoft’s Azure Security Center, in a posting on Wednesday. “This fact makes Kubernetes clusters that are used for ML tasks a perfect target for cryptomining campaigns, which was the aim of this attack.”
In terms of how Kubeflow can be used as the entry point for this kind of attack, Weizman noted that Kubeflow can manage the various tasks required to put a ML model into action, such as training ML algorithms. For instance, according to its website, Kubeflow simplifies the many steps required to build and deploy an ML model, including “data loading, verification, splitting, processing, feature engineering, model training and verification, hyperparameter tuning and model serving.”
Read more: https://threatpost.com/kubernetes-crypto...rk/156481/
![[-]](https://www.geeks.fyi/images/collapse.png)
