scorecardresearch
Follow Us:
Tuesday, January 25, 2022

Cryptocurrency miners are now hacking accounts of Cloud users, Google warns

Google Cloud is the one of the most popular Cloud Computing platforms along with AWS and Microsoft Azure, and is technically capable of being used for crypto mining.

By: Tech Desk | Pune |
November 26, 2021 7:13:30 pm
Android, Android for India, JioPhone Next, Google JioPhone Next, Google Jio phoneThe logo of Google is seen on a building. REUTERS/Charles Platiau/File Photo

Google has warned that cyber criminals are now hacking Google cloud accounts to mine cryptocurrency. Details of the hack were highlighted in Google’s first threat horizon report published by the company’s cybersecurity action team.

The report said that 86 percent of the compromised Google Cloud instances were used to perform cryptocurrency mining, a cloud resource-intensive for-profit activity, adding that in the majority of cases, the cryptocurrency mining software was downloaded within 22 seconds of the account being compromised.

Google’s cloud service is the one of the most popular remote storage system, where the tech giant stores customers’ data and files in a remote server—which is technically capable of being used for crypto mining. Cryptocurrency mining requires high-powered computers, that are competing to solve complex mathematical puzzles, in a process that makes intensive use of computing power and electricity.

Interestingly, Google noted that of 50 percent hacks of its cloud computing service, more than 80 percent were used to perform cryptocurrency mining.

Cloud customers continue to face a variety of threats across applications and infrastructure, and many successful attacks are “due to poor hygiene and a lack of basic control implementation,” Google said in its blog post.

Additionally, 10 percent of compromised Cloud instances were used to conduct scans of other publicly available resources on the internet to identify vulnerable systems, and 8 percent of instances were used to attack other targets. “While data theft did not appear to be the objective of these compromises, it remains a risk associated with the cloud asset compromises as bad actors start performing multiple forms of abuse,” Google added.

The tech giant has recommended its cloud customers to improve their security by enabling two-factor authentication—it is an extra layer of protection used to ensure the security of online accounts beyond just a username and password.

Meanwhile, Google in the report added that the Russian government-backed hacking group APT28, also known as Fancy Bear, attacked as many as 12,000 Gmail accounts in a mass phishing attempt, tricking users into handing over their login details.

The attackers attempted to lure account holders sending out emails that read: “We believe that government-backed attackers may be trying to trick you to get your account password.”

However, Google said that it identified the attack and has blocked all the phishing emails, which were designed to attack UK, US and Indian users— and by far no users’ details have been compromised.

📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines

For all the latest Technology News, download Indian Express App.

  • Newsguard
  • The Indian Express website has been rated GREEN for its credibility and trustworthiness by Newsguard, a global service that rates news sources for their journalistic standards.
  • Newsguard
Advertisement
Advertisement
Advertisement
Advertisement