October 4, 2023 2:33 am

Cryptocurrency Miners Using Hacked Cloud Accounts, Google Warns

Facebook
Twitter
LinkedIn
Pinterest
WhatsApp
Telegram

URGENT: JUST 11 DAYS REMAIN TO HELP SAVE INDEPENDENT MEDIA & ANR, TO ENSURE WE ARE FULLY FUNDED FOR NEXT MONTH,SO LET'S CUT THE BS & GET TO THE POINT - WE WILL BE FORCED LAY OFF STAFF & REDUCE OPERATIONS UNLESS WE ARE FULLY FUNDED WITHIN THE NEXT 2 WEEKS - Sadly, less than 0.5% of readers currently donate or subscribe to us But YOU can easily change that. Imagine the impact we'd make if 3 in 10 readers supported us today. To start with we’d remove this annoying banner as we could fight for a full year...

Cryptocurrency Miners Using Hacked Cloud Accounts, Google Warns

By Dan Milmo

‘Threat horizon’ report by tech firm’s cybersecurity action team details hacking threats to cloud service.

Cyberhackers are using compromised cloud accounts to mine cryptocurrency, Google has warned.

Details of the mining hack are contained in a report by Google’s cybersecurity action team, which spots hacking threats against its cloud service – a collection of remote computing services which can include storage of customers’ data and files off-site – and gives advice on how to tackle them.

Other threats identified by the team in its first “threat horizon” report include: Russian state hackers attempting to gain users’ passwords by warning they have been targeted by government-backed attackers; North Korean hackers posing as Samsung job recruiters; and the use of heavy encryption in ransomware attacks.

“Mining” is the name for the process by which blockchains such as those that underpin cryptocurrencies are regulated and verified, and requires a significant amount of computing power. Google reported that of 50 recent hacks of its cloud computing service, more than 80% were used to perform cryptocurrency mining.

The report said that “86% of the compromised Google Cloud instances were used to perform cryptocurrency mining, a cloud resource-intensive for-profit activity”, adding that in the majority of cases the cryptocurrency mining software was downloaded within 22 seconds of the account being compromised. Google said that in three-quarters of the cloud hacks the attackershad taken advantage of poor customer security or vulnerable third-party software.

Google’s recommendations to its cloud customers to improve their security include two-factor authentication – an extra layer of security on top of a generic user name and password – and signing up to the company’s work safer security programme.

Elsewhere in the report, Google said the Russian government-backed hacking group APT28, also known as Fancy Bear, targeted 12,000 Gmail accounts in a mass attempt at phishing, where users are tricked into handing over their login details. The attackers attempted to lure account holders into handing over their details via an email that said: “We believe that government-backed attackers may be trying to trick you to get your account password.” Google said it had blocked all the phishing emails in the attack – which focused on the UK, the US and India – and no users’ details had been compromised.

Person’s hand typing on a laptop
Police and banks tell shoppers to be vigilant for Black Friday scams
Read more
Another hacking ruse flagged by Google in the report involved a North Korea-backed hacker group posing as recruiters at Samsung and sending fake job opportunities to employees at South Korean information security companies. Victims were then steered towards a malicious link to malware stored in Google Drive, which has now been blocked.

Google said dealing with ransomware attacks, where the files and data on a user’s computer are encrypted by the attacker until a payment is made for their release, was difficult because heavy encryption “makes recovery of files nearly impossible without paying for the decryption tool”. The report flags the emergence of Black Matter, which it describes as a “formidable ransomware family”.

However, at the beginning of the month Black Matter said it was shutting down due to “pressure from the authorities”. Black Matter victims include the Japanese technology group Olympus.

The Google report said: “Google has received reports that the Black Matter ransomware group has announced it will shut down operations given outside pressure. Until this is confirmed, Black Matter still poses a risk.”

This article was amended on 26 November 2021 to clarify details about Google’s cloud service.

Start investing In cryptocurrency with Bitxchange. If you’re new to the world of crypto, and figuring out how to buy cryptocurrencies, then cryptocurrency exchanges like Bitxchange help you to easily buy and sell crypto.

Opinion pieces don’t necessarily reflect the position of our news site but of our Opinion writers.

Support the ANR from as little as $8 – it only takes a minute. If you can, please consider supporting us with a regular amount each month. Thank you.

Related News

Subscribe for free to our ANR news emails and access 2 free ebooks plus Reports to share with family and friends about Covid fraud and the danger of the vaccines.

Australian National Review is Australia’s first real free and independent press, one with no editorial control by the elite, but a publication that can generate critical thinkers and critical debate and hold those spreading mistruths and deliberate propaganda in mainstream media to account.

News with a difference that will be educational, compelling and create a platform for political and social change in this country and address the real issues facing this country and the world.

Watch Full Documentary

URGENT: JUST 3 DAYS REMAIN TO HELP SAVE INDEPENDENT MEDIA & ANR, SO LET'S CUT THE BS & GET TO THE POINT - WE WILL BE FORCED TO LAY OFF STAFF & REDUCE OPERATIONS UNLESS WE ARE FULLY FUNDED WITHIN THE NEXT 2 WEEKS

Sadly, less than 0.5% of readers currently donate or subscribe to us But YOU can easily change that. Imagine the impact we'd make if 3 in 10 readers supported us today. To start with we’d remove this annoying banner as we could fight for a full year...

Get access to TruthMed- how to save your family and friends that have been vaxx with vaccine detox, & how the Unvaxxed can prevent spike protein infection from the jabbed.

Free with ANR Subscription from $8

Download the Full PDF - THE COVID-19 FRAUD & WAR ON HUMANITY