Money may not grow on trees, but apparently, it can grow in
Amazon Web Services (AWS).
A report from the security intelligence group
RedLock found
at least two companies which had their AWS cloud services
compromised by hackers who wanted nothing more than to use the
computer power to mine the cryptocurrency bitcoin. The hackers
ultimately got access to Amazon’s cloud servers after discovering
that their administration consoles weren’t password protected.
“Upon deeper analysis, the team discovered that hackers were
executing a bitcoin mining command from one of the Kubernetes
containers,” reads the RedLock report. Kubernetes
is a
Google-created, open-source technology that makes it
easier to write apps for the cloud.
“The instance had effectively been turned into a parasitic bot
that was performing nefarious activity over the internet,” the
report says.
The companies impacted were Aviva and Gemalto, both multi-billion
dollar, multi-national companies. They were notified by RedLock
about the issues.
Hackers are known to slip into corporate servers to steal data,
which they usually sell for money, or give to state-actors
who are looking for intel. But bitcoin mining is a different
thing all together. These hackers are basically just stealing
pricey space in corporate cloud storage.
Amazon, Aviva and Gemalto did not immediately respond to requests
for comment.
Power in numbers
Though anyone could try to mine bitcoin off their computer
services, the process is super energy intensive, and could be
costly in electricity costs alone. But it’s worth while for many
because success can be very lucrative.
BI
Intelligence
To avoid the high cost of going at it alone, most bitcoin
miners join a pool of different computers which combined their
powers to solve complex algorithms. Successfully solving the
problem generates a set number of new bitcoin, which as
of Friday were worth upwards of $4,300 each. Inherent
to its design, the cryptocurrency can be mined until there are a
total of 21 million bitcoin floating around the internet, but the
process becomes more and more difficult as the years pass.
RedLock discovered the breaches along with hundreds of other
administration consuls which were unlocked across AWS, Microsoft
Azure, and Google Cloud — most likely by a careless systems
administrator. But illicit bitcoin mining isn’t always coming
from the outside.
CoinDesk reported that two IT workers for the government of
Crimea were fired in late September, after
it was discovered that they were mining bitcoins on their
work computers. In January,
an employee for the US Federal Reserve was put on probation
and fined for mining on servers owned by the US central
bank.