Bitcoin miners are using compromised Google Cloud accounts for computationally-intensive mining purposes, Google has warned.
The search giant’s cybersecurity team provided details in a report published Wednesday. The so-called “Threat Horizons” report aims to provide intelligence that allows organizations to keep their cloud environments secure.
Other threats identified by the team in its first “threat horizon” report include 3 moments. Firstly, Russian state hackers attempting to gain users’ passwords by warning they have been targeted by government-backed attackers. Secondly, North Korean hackers posing as Samsung job recruiters. Thirdly, the use of heavy encryption in ransomware attacks.
“Mining” is the name for the process by which blockchains such as those that underpin cryptocurrencies are regulated and verified, and requires a significant amount of computing power. Google reported that of 50 recent hacks of its cloud computing service, more than 80% were used to perform cryptocurrency mining.
The report said that “86% of the compromised Google Cloud instances were used to perform cryptocurrency mining, a cloud resource-intensive for-profit activity”, adding that in the majority of cases the cryptocurrency mining software was downloaded within 22 seconds of the account being compromised. Google said that in three-quarters of the cloud hacks the attackershad taken advantage of poor customer security or vulnerable third-party software.
In a blog post Google said that while customers using the cloud services face various threats, the attacks take place due to poor hygiene. “While cloud customers continue to face a variety of threats across applications and infrastructure, many successful attacks are due to poor hygiene and a lack of basic control implementation,” Google wrote.
One of the cryptocurrencies that consumes the most energy and resources is Bitcoin, which has earned it harsh criticism. Meanwhile, miners are looking for alternatives to lessen this disadvantage in a world that is marching towards decarbonization.
“The cloud threat landscape in 2021 was more complex than rogue cryptocurrency miners, of course,” noted the report’s writers, Bob Mechler, director of the office of the chief information security officer at Google Cloud, and Seth Rosenblatt, Google Cloud security editor.
