Microsoft: Misconfigured Kubeflow Workloads are a Cybersecurity Risk
Microsoft's Azure Security Center (ASC), which regularly searches for and researches for new attack vectors against Kubernetes workloads, revealed a new campaign that was observed recently targeting Kubeflow, a machine learning toolkit for Kubernetes.
Yossi Weizman, Security Research Software Engineer, Azure Security Center, ILDC writes that a suspicious Kubeflow image was seen deployed to thousands of clusters in April, all from a single public repository. However, closer inspection revealed that the image runs a common open-source cryptojacking malware that mines the Monero virtual currency, known as XMRIG, writes Threatpost.
ASC observed that this attack affected tens of Kubernetes clusters. Kubeflow, ASC explains, is an open-source project, started as a project for running TensorFlow jobs on Kubernetes. "Kubeflow has grown and become a popular framework for running machine learning tasks in Kubernetes. Nodes that are used for ML tasks are often relatively powerful, and in some cases include GPUs. This fact makes Kubernetes clusters that are used for ML tasks a perfect target for crypto mining campaigns, which was the aim of this attack," says Weizman.
Wei Lien Dang, Co-Founder and Chief Strategy Officer at StackRox, a Mountain View, Calif.-based leader in security for containers and Kubernetes, says, “Cryptojacking is a still a popular attack. It’s a threat similar to the backdoored Docker Hub images or the Unit 42 cryptojacking "worm". Organizations should be mindful of the registries that users/clusters are allowed to download from."
Organizations should use private trusted registries, whitelist allowed images, and take other precautions to verify source assets, Dang says. "As Kubernetes clusters get larger and more powerful (as in this case with GPUs to run ML), they'll become even more attractive for this type of attack. Organizations must take specific steps to ensure they’re protecting their container and Kubernetes assets across build, deploy, and runtime," he adds.