They fooled a lot of people. [Research Saturday]

CyberWire Daily

N2K Networks, Inc.

Daily News, News, Tech News, Technology

4.8 • 1.1K Ratings

🗓️ 29 August 2020

⏱️ 14 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Docker containers have been gaining popularity over the past few years as an effective way of packaging software applications. Docker Hub provides a strong community-based model for users and companies to share their software applications. This is also attracting the attention of malicious actors intending to make money by cryptojacking within Docker containers and using Docker Hub to distribute these images. Palo Alto Networks' Unit 42 researchers identified a malicious Docker Hub account, azurenql, active since October 2019 that was hosting six malicious images intended to mine the cryptocurrency, Monero. The images hosted on this account have been collectively pulled more than two million times. Additionally, when last checked minexmr.com for this wallet ID, Palo Alto's team saw recent activity indicating that it’s still being used. Joining us on this week's Research Saturday is Jen Miller-Osborn from Palo Alto Networks' Unit 42 group to share the research and findings. The research and blog post can be found here: Attackers Cryptojacking Docker Images to Mine for Monero Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K.
0:07.0	Today's episode is sponsored by SRM, your first call for cybersecurity and
0:18.1	investigations. Threats today are evolving faster than ever before and since 2005 SRM has pioneered
0:25.3	tailored security solutions for global corporations and their executives.
0:29.5	Whether it's defending against cyber attacks with their award-winning team of ethical hackers and incident response specialists,
0:36.4	or navigating the murky waters of compliance and ESG challenges,
0:40.9	SRMs, Insight and Straight straightforward advice will help you navigate complex risks
0:46.4	and emerge more resilient.
0:48.4	Their secret, a culture that nurtures the sharpest minds, giving them access to the newest technologies and the freedom
0:55.3	to solve problems in new ways, enabling them to craft simple effective solutions for your
1:01.4	unique cyber challenges.
1:03.7	Search your first call to discover how SRM can help your business. Hello everyone and welcome to the CyberWire's Research Saturday.
1:25.0	I'm Dave Bitner and this is our weekly conversation with researchers and analysts
1:29.0	tracking down threats and vulnerabilities, solving some of the hard problems of protecting ourselves in a rapidly
1:35.2	evolving cyberspace. Thanks for joining us.
1:42.0	So the researchers initially found this because they were specifically looking for
1:47.6	repositories which were mimicking legitimate repository names.
1:53.6	That's Jen Miller-Osporn.
1:55.2	She's deputy director of threat intelligence
1:57.6	with Palo Alto Networks Unit 42.
2:00.8	The research we're discussing today
2:02.3	is titled Attackers cryptojacking Docker Images to mine for Manaro. You can sense to glory.
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.