Business Daily Media

The Times Real Estate

.

Cloud Systems Are the New Battleground for Crypto Mining Threat Actors

Trend Micro report warns of growing attack surface for CPU-mining

HONG KONG SAR - Media OutReach - 30 March 2022 - Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today announced a new report revealing a fierce, hour-by-hour battle for resources among malicious cryptocurrency mining groups.

To read the "A Floating Battleground Navigating the Landscape of Cloud-Based Cryptocurrency Mining" report: https://www.trendmicro.com/vinfo/hk/security/news/cybercrime-and-digital-threats/probing-the-activities-of-cloud-based-cryptocurrency-mining-groups

"Just a few hours of compromise could result in profits for the perpetrators. That's why we're seeing a continuous fight for cloud CPU resources. It's akin to a real-life capture-the-flag, with the victim's cloud infrastructure the battleground," said Stephen Hilt, Senior Threat Researcher at Trend Micro. "Threats like this need joined-up, platform-based security to ensure the bad guys have nowhere to hide. The right platform will help teams map their attack surface, assess risk, and apply for the right protection without adding excessive overheads."

Threat actors are increasingly scanning for and exploiting these exposed instances, as well as brute-forcing SecureShell (SSH) credentials, in order to compromise cloud assets for cryptocurrency mining, the report reveals. Targets are often characterized by having outdated cloud software in the cloud environment, poor cloud security hygiene, or inadequate knowledge on how to secure cloud services and thus easily exploited by threat actors to gain access to the systems.

Cloud computing investments have surged during the pandemic. But the ease with which new assets can be deployed has also left many cloud instances online for longer than needed—unpatched and misconfigured.

On one hand, this extra computing workload threatens to slow key user-facing services for victim organizations, as well as increasing operating costs by up to 600% for every infected system.

Crypto mining can also be a precursor to more serious compromise. Many mature threat actors deploy mining software to generate additional revenue before online buyers purchase access for ransomware, data theft, and more.

The Trend Micro report details the activity of multiple threat actor groups in this space, including:

Outlaw, which compromises IoT devices and Linux cloud servers by exploiting known vulnerabilities or performing brute-force SSH attacks.

TeamTNT, which exploits vulnerable software to compromise hosts before stealing credentials for other services to help it move around to new hosts and abuse any misconfigured services.

Kinsing, which sets up an XMRig kit for mining Monero and kicks any other miners off a victim system.

8220, which has been observed fighting Kinsing over the same resources. They frequently eject each other from a host and then install their own cryptocurrency miners.

Kek Security, which has been associated with IoT malware and running botnet services.

To mitigate the threat from cryptocurrency mining attacks in the cloud, Trend Micro recommends organizations to:

  • Ensure systems are up-to-date and running only the required services
  • Deploy firewall, IDS/IPS, and cloud endpoint security to limit and filter network traffic to and from known bad hosts
  • Eliminate configuration errors via Cloud Security Posture Management tools
  • Monitor traffic to and from cloud instances and filter out domains associated with known mining pools
  • Deploy rules that monitor open ports, changes to DNS routing, and utilization of CPU resources from a cost perspective

About Trend Micro

Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world.

#TrendMicro

News from Asia

Honoring Excellence: The Philippines’ Pioneering Achievements at ACES Awards 2024

BANGKOK, THAILAND - Media OutReach Newswire – 19 December 2024 - At the ACES Awards 2024, leading organizations from the Philippines distinguished themselves through visionary sustainable practice...

Osome Reports Over 25% Revenue Growth, Driven by Product Demand and Increased Customer Engagement, Sets 2025 Roadmap for Sustainable Growth

Osome’s NPS has nearly tripled q-o-q, reflecting significant improvements in customer satisfaction and loyalty. CAC improved by 35% in the past six months through opt...

CKS Spreads Christmas Cheer at Hope Centre Singapore with CSR Activity

SINGAPORE - Media OutReach Newswire - 19 December 2024 - In the spirit of giving and togetherness, CKS Property Consultants, a property valuation company in Singapore, participated in a heartwarm...

Lexus Drives into Its Fifth Year as The Official Automotive Partner of The HSBC Women’s World Championship 2025

SINGAPORE – Media OutReach Newswire - 19 December 2024 - Lexus proudly announces its fifth consecutive year as the official automotive partner of the HSBC Women's World Championship (HWWC) 2025, r...

Profiting from the crypto boom: Octa broker's guide to leveraged trading

KUALA LUMPUR, MALAYSIA - Media OutReach Newswire - 19 December 2024 - With Bitcoin going through the roof in 2024 and the entire crypto market showing substantial growth, retail investors' interes...

Osome Reports Over 25% Revenue Growth, Driven by Product and Operational Progress, Sets 2025 Roadmap for Sustainable Growth

Osome’s NPS has nearly tripled q-o-q, reflecting significant improvements in customer satisfaction and loyalty. CAC improved by 35% in the past six months through optimized s...

AKAR DE NISSIM and Laabmilano Announce the Launch of the DAYA Collection

A Harmonious Fusion of Eastern Philosophy and Italian Design SINGAPORE - Media OutReach Newswire - 16 December 2024 - AKAR DE NISSIM, the distinguished designer furnishing house renowned for its ...

F88 collaborate with MB to offer comprehensive financial solutions at over 850 financial stores

HANOI, VIETNAM - Media OutReach Newswire - 19 December 2024 - The Military Commercial Joint Stock Bank (MB) and F88 on December 16 officially signed a comprehensive cooperation agreement at MB's h...

Trend Micro Achieves 100% Coverage Rate in MITRE ATT&CK® Evaluations

Trend Vision One™ leaves attackers with nowhere to hide HONG KONG SAR - Media OutReach Newswire - 19 December 2024 - Global cybersecurity leader Trend Micro Incorporated (TYO: 4704; TSE: 4704) an...

Tim Hortons® Premium Signature Store at Sunway Pyramid drops Unique Brews and Coffee Crafting Magic

KUALA LUMPUR, MALAYSIA - Media OutReach Newswire - 18 December 2024 - Get ready Malaysia for fresh brews, fresh vibes and a 'Sip, Savor, Repeat' lifestyle unlike any other. Tim Hortons®, t...

Five signs that AI is growing faster than the internet did

What do Aussie businesses need to do to keep up? There has been mounting chatter that AI is growing even faster than the rapid acceleration we sa...

Protecting Your Small Business from Cyber Threats This Holiday Season

The holiday season brings a surge of online activity for small and medium businesses (SMBs), with increased sales and customer inquiries offering ...

Essential SEO Strategies: Boosting Your Real Estate Business

In recent years, it is said that more and more people are searching for properties online than those who visit real estate companies in person. For ...

Every Business Needs to Apply a Concrete Strategy

Do you want your website to rank higher in the top results of the Google search engine? Then hire the excellent SEO Services in Australia for your n...

Navigating Cyber Fraud After a Natural Disaster

As Australia enters another long, hot and potentially destructive summer, businesses and residents are preparing for the natural disasters synonym...

8seats messaging startup aims to transform business communication

The new platform brings an innovative approach to unite office-based and desk-less teams 8seats, a next-generation messaging platform for busine...

Sell by LayBy