More than 400 servers running virtualization software, the Docker, have been found to be vulnerable to external hacking. Most are said to be exploited to run cryptographic monetization software.
This is in line with a report by security company Imperva. Docker is a mainstream virtualization software that has become widespread in Linux for servers. As a library to control the virtual environment base, if the setting is changed from the outside, public access is allowed. By combining these settings with newly discovered vulnerabilities, an attacker can gain administrative privileges on the docker server and install any desired software. As a result, the vulnerability makes it possible to install or run any malicious code, as well as CryptoJacking, which does password-borrowing using other hardware without permission.
Inferba claimed that he had discovered 3,822 hosts who made API mistakes in the wrong setting. Of those, 500 were actually accessible. According to Inferba, most of the 400 hosts that released the Remote API had the Moneta mining software running and the attacker could access unencrypted authentication information data such as database and password.
In February, security company Symantec confirmed the presence of a malicious code hacking tool that unauthorized the installation of Monroe mining. Since then, Microsoft has removed 8 apps for Windows 10 from the official market. Likewise, there are malicious codes spreading to steal PCs and servers aiming at mining in major corporations. Cryptojacking is a method of making money that is widely used among cybercriminals. On the other hand, Coin Hive, which offers legitimate cryptographic mining services, was closed at the end of February. For more information, please click here .