The powerful machine-learning clusters that are present on the Azure cloud computing network of Microsoft experienced a large amount of cryptojacking attacks on it, announced on June 10.
In its blog post, Microsoft specified that some of its customers misconfigured the nodes of the network which give the power to the hackers to seize the control of the customers and mine their privacy-focused cryptocurrency Monero (XMR).
Kubeflow Is Target
According to Microsoft, at the time of the attack, tens of clusters were affected. The main target of it was Kubernetes platform’s Kubeflow, a machine learning toolkit.
It has been notified that by default, only the internal nodes could access the dashboards which control the Kubeflow, therefore, when the users tunnel in through the Kubernetes API, it is important for them to use port-forwarding. But there have been some users who according to their convenience, had directly exposed the dashboard to the internet.
Nodes Are Being Used To Mine Monero
After getting access to the dashboard, the attackers also get the vectors, which help them in compromising the system.
There has been a possibility that the hacker might have used the malicious images to establish the server of Jupyter notebook that is present in the cluster.
The security team of Azure get to know that a suspected image present on the various learning clusters has been taken from the public archive.
While the investigation was on, the Azure Security Center team found there have been layered of images which ran an XMRig miner. The report further mentioned that the miner has been using the nodes secretively to mine Monero.
Usually, the machine learning clusters are powerful but at times when it contains GPU, then it is easy for cryptojackers to attack it.
A report by Sophos, a cybersecurity firm, recently expose that earlier also Microsoft’s SQL Server database was hacked by the attacker so that it could install XMRig software to mine Monero.
Articles You May Read.