Topic: Continues integration used for mining (Read 200 times)
That's quite interesting and as long as none of the service providers offers free resources, that threat can't survive for a long time... The same blog post also mentioned the possibility of a 51% attack on Bitcoin and even if they remain undetected for some time, I wouldn't be worried.
Interesting and a bit more sophisticated then some other ways people have hijacked things for mining but ultimately you really have to wonder if the time and effort they are putting into this will came back to haunt them due to the size. This will force the authorities to get involved and so on.
As has been shown sooner or later large bot-nets are more likely going to get taken down hard and the operators found then smaller ones. Since they are also concentrating on big providers, they are more likely to have a good working relationship with the feds...
-Dave
As has been shown sooner or later large bot-nets are more likely going to get taken down hard and the operators found then smaller ones. Since they are also concentrating on big providers, they are more likely to have a good working relationship with the feds...
-Dave
Some of you may be aware of "continues integration" approach in software development. One of tool used for that could be - for example - GitHub Actions. Server takes software code and launches build, tests etc, to see if new development did not break anything. That's theory. What if someone would add "one more extra task" to be performed on the server side?
The Sysdig Threat Research Team (Sysdig TRT) recently uncovered an extensive and sophisticated active cryptomining operation and called that PURPLEURCHIN - more details there: https://sysdig.com/blog/massive-cryptomining-operation-github-actions/
The Sysdig Threat Research Team (Sysdig TRT) recently uncovered an extensive and sophisticated active cryptomining operation and called that PURPLEURCHIN - more details there: https://sysdig.com/blog/massive-cryptomining-operation-github-actions/
Jump to: