Google warns miners against using hacked cloud accounts


Google has warned that cryptocurrency miners are using hacked Google Cloud accounts for computing-intensive mining purposes, according to a report by the Arab Gateway for Technical News.

The search giant’s cybersecurity team provided the details in a report called Threat Horizons, and this report aims to provide information that allows organizations to keep their cloud environments secure.

In a summary of the report, Google wrote: “Cryptocurrency mining has been observed via hacked cloud accounts, and cryptocurrency mining is a profitable activity that often requires large amounts of computing power, which Google Cloud customers can access for a specific cost.

Google Cloud is a remote storage platform where customers can keep data and files off-site.

Google stated that 86% of the 50 accounts recently hacked via Google Cloud were used to perform cryptocurrency mining operations.

About 10% of the compromised accounts were used to conduct surveys of other publicly available online resources to identify vulnerable systems, while 8% of the accounts were used to attack other targets.

The search giant said that malicious actors were able to gain access to Google Cloud accounts, by taking advantage of weak customer security practices.

Almost half of the compromised accounts were attributed to actors gaining access to a Google Cloud account that had no password or had a weak password.

As a result, Google Cloud accounts can be easily scanned and hacked, and about a quarter of the hacked accounts were due to vulnerabilities in third-party software installed by the owner.

Google talks about cloud threats

Bitcoin, the world’s most popular cryptocurrency, has been criticized for being energy-intensive, and Bitcoin mining uses more energy than some entire countries, and in May, police raided a suspected cannabis farm to find it was an illegal Bitcoin mining hub.

“The landscape of cloud threats in 2021 was more complex than just crypto miners,” wrote Bob Mitchler, Google Cloud’s chief information security officer.

He said that Google researchers also revealed a phishing attack by the Russian Fancy Bear group at the end of September, adding that the company prevented the attack.

He explained that Google researchers also identified a threat group backed by the North Korean government, which pretended to be Samsung’s recruiters.

This is in order to send malicious attachments to employees of several cybersecurity companies in South Korea to combat malware.


Please enter your comment!
Please enter your name here