New Malware Hijacks Kubernetes Clusters To Mine Monero – Experts Insight

Yesterday, researchers from Palo Alto Networks’ Unit 42 published their discovery of a never-before-seen malware, dubbed Hildegard, that the TeamTNT threat group is using to target Kubernetes clusters. While Hildegard, first detected in January 2021, has so far been used to launch cryptojacking operations, researchers believe that the campaign may still be in the reconnaissance and weaponization stage. Eventually, they warn, TeamTNT may launch a larger-scale cryptojacking attack via Kubernetes environments or steal data from applications running in Kubernetes clusters.

Experts Comments

February 05, 2021
Mark Bower
Senior Vice President
comforte AG

Kubernetes is extremely powerful and a new foundation of IT strategy, but not immune from malware, vulnerability and exploitation. Indeed, the dynamics, agility and scale that make it attractive to run scaled workloads at a moment’s notice also make it an attractive target for exploitation. While many attacks to date have focused on cryptomining, with the growing utilization of Kubernetes across industry, it will continue to be a focus of attack. The nature of this malware evidences that managing risk when running Kubernetes applications has to go beyond dependence on the bare minimum infrastructure-level controls like TLS and container encryption, and shift to data-centric security for sensitive personal data. This has proven highly effective over the last decade, with new techniques like stateless data tokenization taking strategic prominence with industry-leading enterprises. The good news is this is available for cloud-native/Kubernetes ecosystems today and ready to mitigate threats while letting enterprises get on with digital transformation at full throttle without breach risks getting in the way.
