Monero Crypto Miners, Leveraging Weak Docker Hosts

Another exploit related to Monero just surfaced.

A brand new report released by Imperva security research company reveals that crypto miners have been exploiting hundreds of fragile Docker hosts that are associated with the Monero project.

This results in the fact that a lot of XMR based transactions have been obscured and all the data related to them is basically impossible to trace.

A lot of vulnerable Docker hosts are exploited by bad actors who are taking advantage of particular modules according to Bitcoinexchangeguide.com.

These modules are  CVE-2019 – 5736 runC and they allow for Monero transactions to be meddled with.

Finding open Docker ports

Imperva issued a statement, and they said that they used Shodan as a tool to find the open Doker ports.

They reportedly located 3,822. These had their APIs exposed to the public, and what’s even worse, more than 400 of them had IP addresses that “were accessible on the 2735/2736 port-channel” Imperva notes.

They continue and explain that “We found that a cryptocurrency miner for a currency called Monero is running most of the exposed Docker remote API IPs. Monero transactions are obfuscated, meaning the source, amount, or destination of a transaction is almost impossible to track.”

Bitcoinexchangeguide notes that there are a lot of potential attacks on other compromised servers.

They can reportedly include masked IP Attacks, phishing campaign hosting services and stealing of sensitive data and credentials.

Monero was just updated

In other news, Monero had just been successfully updated a few days ago.

Monero‘s latest update included tweaks to the PoW algorithm for better ASIC-resistance, some changes to mitigate big bang attacks and enhanced transaction homogeneity to improve privacy even more.

Overall, things are going great for the most important privacy-oriented coin, despite the fact that it’s in the news a lot due to illegal mining and more such dark activities.


by

Tags:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *