Google Cloud to detect crypto-mining malware on virtual machines

cointelegraph.com:

It’s a shot in the arm for Google Cloud users at risk of cryptocurrency mining attacks. The Google Cybersecurity Action Team (GCAT) has created a threat detection service to shield “poorly configured” accounts that attackers use to mine cryptocurrency. 

In a blog post, Google Cloud announced the Virtual Machine Threat Detection (VMTD) release in its Security Command Center (SCC) area. A means of scanning compute engines in Google Cloud, the VMTD successfully detects threats, including crypto-mining malware used inside virtual machines.

Crypto-mining malware attacks, sometimes called “cryptojacking,” are an ongoing nuisance in the industry. While browser-based cryptojacking activity spiked in the 2019 bear market, cloud-based crypto mining continues to beleaguer the space.

Cointelegraph reported in November last year that of 50 analyzed incidents relating to compromised Google Cloud Protocols, 86% were related to crypto mining. The Google “Threat Horizons” report highlighted hackers may seek to hijack GPU space to mine crypto as it is a “cloud resource-intensive for-profit activity.”

Upon receiving the data, the Google Cybersecurity Action Team sought to remedy the situation, building better protections for its virtual machine users.

The result is VMTD, a program that provides agentless memory scanning to help detect threats like crypto-mining malware. As well as delivering protections from coin mining, the VMTD also secures users from data exfiltration and ransomware.

Ransomware attacks flourished in 2021, reaching highs in April 2021. Some commentators suggest that the rise in ransomware attacks went hand in hand with crypto’s meteoric rise; regulators and industry players have made efforts to blunt the malpractice.

Relat