menu
techminis

A naukri.com initiative

google-web-stories
source image

Securityaffairs

2M

read

9

img
dot

Image Credit: Securityaffairs

Crooks are targeting Docker API servers to deploy SRBMiner

  • Threat actors are targeting Docker remote API servers to deploy SRBMiner crypto miners on compromised instances.
  • Attackers bypass security by using the gRPC protocol over h2c to execute crypto mining on Docker hosts.
  • After scanning for public-facing Docker API hosts and checking for HTTP/2 upgrades, attackers manipulate Docker functionalities via gRPC methods.
  • SRBMiner is downloaded and deployed from GitHub, with attackers mining cryptocurrency to their wallet and masking their public IP address.

Read Full Article

like

Like

For uninterrupted reading, download the app