Hacked Google Cloud accounts are a pass for fraudulent miners

In its latest report, “Threat Horizons”, Google describes a new crime involving scam miners, cryptocurrencies and efficient equipment in the lead role. The key to numerous abuses of efficient equipment “in the cloud” are hacked Google Cloud accounts. This is hardly surprising, because in and of itself, mining cryptocurrencies is expensive, but also very profitable.

Fraudsters hijack Google Cloud accounts to mine cryptocurrencies

With the report, the company primarily wants to help organizations maintain the security of cloud environments. According to the information provided, the entire 86% of the 50 hijacked Google Cloud accounts were in most cases used to mine cryptocurrencies using specialized software that the attacker (human or bot) downloaded within 22 seconds of hacking the account.

Also read: Pixel 6 smartphones are charging too slowly. Google explains the reason

While cloud customers continue to face a variety of threats across applications and infrastructure, many successful attacks are due to low security [kont] and failure to implement primary controls. Recently, our team has reacted to fraudulent cryptocurrency mining, phishing campaigns and ransomware. Given these specific observations and overall threats, organizations that emphasize safe implementation, monitoring, and continuous assurance will be more successful in mitigating these threats, or at least reducing their overall impact.

– we read in the summary of the Google report.

Also read: Google Maps will get a feature that will allow you to avoid pre-Christmas crowds

Additionally, a Google report revealed that 10% of compromised instances of Google Cloud accounts were used to scan other publicly available resources on the Internet to identify vulnerable systems, and 8% of the instances were used to attack other targets.