
Kinsing is an old-school Linux/Unix Executable and Linkable Format (ELF) malware program that runs a cryptominer and attempts to spread itself to other containers and hosts.

It’s always something! The Kinsing malware has long been known to Linux administrators, and, now — surprise! — it’s coming after Kubernetes as well. 

Kinsing is an old-school Linux/Unix Executable and Linkable Format (ELF) malware program, written in Go. Given a chance, it runs a cryptominer and attempts to spread itself to other containers and hosts. Over the years, it’s been used in attacks against Docker, Redis, and SaltStack. And, now, Kinsing hackers are coming after Kubernetes. I’m shocked, shocked to discover that cryptomining is going on in Kubernetes!

Not.

Sunders Bruskin, Microsoft Defender for Cloud security researcher, reports that Kinsing is now often targeting Kubernetes clusters using two different initial access techniques: the exploitation of weakly configured PostgreSQL containers and the exploitation of vulnerable images.