Google warns: the miners are using hacked cloud accounts

The company claimed that 86% of the 50 recently hacked Google Cloud accounts were used to mine cryptocurrency

01.12.2021 - 14:30

165

1 min

What’s new? Google has warned that the majority of the hacked Google Cloud accounts are being used by the attackers for mining. The search giant's cybersecurity service has released a detailed report called “Threat Horizons.”

The Google Report

What does the report say? Google said that 86% of the 50 recently hacked accounts were used to mine cryptocurrency. In most cases, the mining software was downloaded within 22 seconds of being hacked. About 10% of the compromised accounts were also used to scan other public resources on the Internet, and another 8% were used to attack other websites.

How did the attackers gain access to the accounts? Google claims that the attackers were able to gain access to the Google Cloud accounts by taking advantage of the weak protection from the service's customers. Almost half of the compromised accounts had a weak password without two-factor authentication. About a quarter of the hacks involved vulnerabilities in third-party software that users had installed.

What else did Google claim? Seth Rosenblat, the security editor at Google Cloud, added that in late September the company blocked a phishing attack by the Russian hacker group APT28/Fancy Bear. The Google researchers also uncovered the North Korean government-backed group of hackers posing as Samsung employees to send malware within South Korea.

Author: