AWS Hijacked For Bitcoin Mining


Money may not grow on trees, but it sure is available in the cloud! It appears that the AWS cloud services of two large companies were abused by hackers to mine Bitcoin.

Cloud security research firm RedLock revealed this in a report (PDF file), saying that the cloud infrastructures of two multinational organizations were hijacked by cybercriminals, who used the immense power of the Amazon Web Services platform to mine the popular cryptocurrency.

The two organizations affected in this interesting little breach were Aviva and Gemalto.

The RedLock Cloud Security Intelligence (CSI) Team began its investigation after discovering that a number of Kubernetes applications hosted on the public cloud at AWS, Microsoft Azure, and Google Compute Engine were not password protected.

The research firm actually goes so far as to say that these web apps were basically open to the public, creating a window of opportunity for intruders.

And lo and behold, intruders did take full advantage.

They basically turned the cloud infrastructures into parasitic bots that executed mining commands. The security firm claims that any form of cloud monitoring process could have highlighted this significant gap in the firms’ defenses.

Mining Bitcoin is a very energy-intensive process, and the cybercriminals used the AWS cloud to facilitate their activities, obviously without paying for the usage.

Every day a new threat, eh?