Kubernetes Clusters Hacked: What You Need To Know

Contents

Summary Of The Attack

  • Kinsing malware targeting Kubernetes Clusters.
  • Two paths of exploitation were utilized: vulnerable images and misconfigured PostgreSQL servers.
  • The why of the attack is crypto mining and generating revenue.
  • Securing Kubernetes clusters is a tedious job that has to be done.
.

What Happened?

In order to get early access to Kubernetes setups, the threat actors behind the Kinsing Crypto Jacking operation have been seen taking advantage of unprotected and improperly configured PostgreSQL servers.

What Is Kinsing?

Kinsing is malware written in Golang, which is a high level programming language used for creating cloud native applications.

It is compiled using the Go 1.13.6 version.

This malware generally targets Linux environments mainly for cryptocurrency mining. Once installed on the victim’s environment and starts successfully running on the target, the goal becomes invading other PC