Global search engine giant Google has revealed that hackers are increasingly targeting compromised cloud accounts to mine cryptocurrency. The revelation is part of a new report from Google’s in-house cybersecurity action team.
Google’s cybersecurity team, which spots cyber threats and gives advice on how to tackle them, has come out with a report called “threat horizon” that sheds light on multiple threats currently looming in cyberspace.
As per the report, Russian state hackers have been attempting to dupe users into giving away their passwords on the pretence that they were being targeted by government-backed attackers. In North Korea, hackers have been trying to lure users with fraudulent job offers from big-ticket firms like Samsung.
Crypto miners hacking Google cloud accounts
The biggest threat plaguing cyberspace though, is one that’s trying to make the most out of today’s big buzzword, aka cryptocurrency.
Since “mining” blockchains that underpin cryptocurrencies require a significant amount of computing power and expensive software, 86 per cent of the cloud computing hacks are said to be used to perform cryptocurrency mining.
Democratic countries need to think about creating safe, accountable internet: MoS IT
The cryptocurrency mining software area is downloaded within 22 seconds after the cloud account has been hacked. Cyber-attackers take advantage of vulnerable third-party software and poor customer security to perform the hacks.
Other forms of cyber threat
The Google report says in one instance 12,000 Gmail accounts were targeted by the Russian government-backed hacking group APT28, also known as Fancy Bear, where users were tricked into handing over their user details through email.
Google says the attack was neutralised after all the phishing emails were blocked –‘which focused on the UK, the US and India – and no users’ details had been compromised.’
Apple, Google get slapped with EUR 20-Million antitrust fine in Italy over ‘aggressive’ data practices
In another attempt, North Korea-backed attackers tried to lure South Korean Google Cloud users to fake Samsung job postings. Employees at South Korean information security companies were targeted in this attack. Users were made to land in a malicious link to malware stored in Google Drive. The link has been blocked now.
Google has also struggled to deal with ransomware attacks, where attackers encrypt files and data on a user’s computer until a ransom is paid for its release, as the encryption, the report says, is so heavy that recovering them is close to impossible without a decryption tool.
New legal framework evolving on tech, internet; data protection bill step towards that: MoS IT
The report has also red-flagged the use of Black Matter ransomware. Japanese technology group Olympus is one of the prominent victims of Black Matter that said it will shut operations due to “pressure from the authorities.” Until then, the risk still looms large.
Google suggests ways to tackle cyber threat
In its recommendations, Google has asked Cloud-based service users to improve their security using two-factor authentication and sign up to Google’s work safer security program.