Beware! Bad Individuals Use Google Cloud To Mine Crypto

JAKARTA – Software giant Google is warning users about malicious actors using their compromised Google Cloud accounts to mine cryptocurrencies. This Google Cloud account has access to processing power that can be easily diverted to perform malicious tasks.

According to the first "Threat Horizons" report, released by Google to raise awareness about security flaws in its platform, 86% of compromised accounts were used for this purpose.

The report, as quoted by bitcoinnews.com, states that mining cryptocurrency in the cloud causes high CPU and/or GPU power usage. It also refers to mining alternative cryptocurrencies such as Chia, which uses storage space as a mining resource.

Causes and Mitigation

The first cause of compromise of checked Google Cloud instances is poor security due to different issues. One of these issues is a weak or non-existent password to access the platform, or a lack of API validation in the instance.

Without basic security measures in place, bad actors can easily gain control of this platform. Other cloud platforms are also facing similar problems.

Most of the instances studied by cryptocurrency mining software can download in less than 22 seconds after being compromised. This indicates that there is a systematic attack from these unsecured Cloud instances.

Additionally, bad actors appear to be actively tracking these unsafe Google Instances, given that 40% of insecure instances were compromised within eight hours of deployment. Google states:

“This indicates that the public IP address space is routinely scanned for vulnerable Cloud instances. It's not a matter of whether a vulnerable Cloud instance is detected, it's when."

To mitigate this risk, the report recommends that users follow basic security best practices and implement container analysis and web scanning, tools that investigate system security vulnerabilities using various techniques such as crawling.