A report indicates that Google has detected a new way hackers are using to mine cryptocurrency illegally. They would take possession of Google Cloud accounts in order to make use of their resources.
Google Cloud accounts used to illegally mine cryptocurrency
The Google report, called “Threat Horizons”, details the latest threats affecting its services. In it, we learn that hackers have recently been caught using Google Cloud accounts to mine cryptocurrency without using their own resources.
50 accounts were reportedly compromised, and 86% of them were compromised in order to conduct illegal mining. 10% were also used to scan available resources and identify vulnerable systems elsewhere on the Internet. According to Google, several types of cryptocurrencies were mined in this way:
“[Cloud accounts] were used to mine cryptocurrency, a lucrative activity requiring considerable cloud resources, which typically consumes CPU/GPU resources, or in the case of Chia, storage space.”
Insufficient security on the user side?
The report notes that data theft did not seem to be the goal of these attacks, but it is of course a related risk, as hackers have access to accounts. Google further explains that in 75 percent of the cases, the attack was made possible by “poor security practices on the part of customers or vulnerable third-party software.”
In more than half of the cases, the mining software was installed within 22 seconds of the account being compromised. This indicates that the process was fully automated by the hackers.
To guard against these attacks, Google urges users to regularly update the third-party software used, enforce good password management, and regularly use its tools to scan accounts.
