Google has published about a just identified threat, the report has it that people are hacking google cloud to mine their cryptocurrency accounts which is a huge threat to the progress of crypto ecosystem. Google cloud is a combination of physical assets, such as hard disk drives, virtual resources that are contained in Google’s data platforms. Human beings are very self centred and insatiable, what seems to be fun, engaging and really profit oriented for many is gradually been threatened due to the current engagement of fraudsters. The desire to cash out by all means even to the point of disrupting that which pays you is really uncalled for and unreasonable. The whole idea of mining is to add more bitcoins to the digital currency ecosystem why disrupt the process.
Google’s Cybersecurity Action Team just noticed that hackers are performing cryptocurrency mining, a Cloud resource-intensive, for-profit activity, within compromised instances of Google Cloud accounts. The computer hardware calculate’s complex mathematical equations to add up to whatever bitcoin that already exists through what is called mining. To prevent people from getting more than the required bitcoin allocated to them daily, the mining process is linked to a tough rating which is unpredictable and is dependent on the number of miners competing for network blocks.
The team also informed about Russian state hackers are trying so much to access the passwords of users by devising different strategies such as; warning they have been targeted by government-backed attackers; North Korean hackers posing as Samsung job recruiters; and the use of heavy encryption in ransomware attacks.
It was stated that “86% of the compromised Google Cloud instances were used to perform cryptocurrency mining, a cloud resource-intensive for-profit activity”, which when included to the majority of cases the cryptocurrency mining software was downloaded within 22 seconds of the account being compromised. The team also said that three-quarters of the cloud hacks the attackers had taken advantage of poor customer security or vulnerable third-party software.
Google’ has advised users to improve their security and include two-factor authentication which is an extra security measure after a generic user name and password.
In other news it was said that the Russian government-backed hacking group APT28, also known as Fancy Bear, targeted 12,000 Gmail accounts in a mass attempt at phishing, where users are tricked into handing over their login details. The attackers tired to convince users into giving personal information about their accounts saying; “We believe that government-backed attackers may be trying to trick you to get your account password.” In bid to remedy this, Google has blocked all the phishing emails in the attack which focused on the UK, the US and India and no users’ details had been compromised.
Solving ransomware attacks, where the files and data on a user’s computer are encrypted by the attacker until a payment is made for their release, was difficult because heavy encryption “makes recovery of files nearly impossible without paying for the decryption tool”. Black matter is still a great risk until it has shut down operations.