Kubernetes being hijacked worldwide


time to lock down your K8s pods - As is typical with our findings, lots of companies are exposing their Kubernetes API with no authentication; inside the Kubernetes cluster, small containers called Pods are ran. Essentially a pod represents a process inside the cluster.

By having this exposed, an attacker can not only see what is running on the Pods but also execute commands on the Pods themselves.

The result is that we are seeing worldwide many Kubernetes clusters having their Pods hijacked to mine cryptocurrencies.


Want to receive more content like this in your inbox?