Machine-learning clusters in Azure hijacked to mine cryptocurrency

 In Biz & IT, cloud, cryptojacking, hacking, kubeflow, Kubernetes

Machine-learning clusters in Azure hijacked to mine cryptocurrency

Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Stylized, composite image of bitcoins against motherboards.

Enlarge (credit: Getty Images)

Attackers recently hijacked powerful machine-learning clusters inside Microsoft’s Azure cloud-computing service so that they could mine cryptocurrency at the expense of the customers who rented them, the company said Wednesday.

The nodes, which were misconfigured by customers, made the perfect target for so-called cryptojacking schemes. Machine-learning tasks typically require vast amounts of computing resources. By redirecting them to perform the compute-intensive workloads required to mine digital coins, the attackers found a means to generate large amounts of currency at little or no cost.

The infected clusters were running Kubeflow, an open source framework for machine-learning applications in Kubernetes, which is itself an open source platform for deploying scalable applications across large numbers of computers. Microsoft said compromised clusters it discovered numbered in the “tens.” Many of them ran an image available from a public repository, ostensibly to save users the hassle of creating one themselves. Upon further inspection, Microsoft investigators discovered it contained code that surreptitiously mined the Monero cryptocurrency.

Read 6 remaining paragraphs | Comments

Microsoft shuts down hacking spree that preyed on misconfigured machines.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt