Watch out! Google Cloud accounts are being used to mine cryptocurrencies
3 min read
Search giant Google has issued a new warning about cryptocurrency mining. This time, hackers are using Google Cloud accounts to mine cryptocurrencies. According to the company, these accounts have been compromised and are mining the cryptocurrencies without the owners’ knowledge.
According to a Google cybersecurity report, 86% of accounts that were attacked are being used for mining. In some cases, rogue software began mining less than 30 seconds after the account was hacked.
At the same time, 75% of attacks were due to security breaches. In this sense are the registration of weak passwords, absence of two-factor authentication (2FA), which left the accounts exposed. Soon, the invaders took advantage of the lack of security.
The Google Cloud service has recently suffered at least 50 attempted hacker attacks. Of this total, 80% aimed to take the account and use it to mine cryptocurrencies.
Mining by default
Mining is the name of the process that guarantees the security of blockchain networks, as well as regulates the issuance of new cryptocurrencies. In BTC (BTC), for example, this process takes place on average every 10 minutes and currently generates 6.25 BTC per mined block.
Currently, BTC mining requires powerful equipment to run, but other cryptocurrencies have fewer requirements. Thus, hackers often install, covertly, mining programs on other people’s computers.
Usually this installation takes place without the user’s knowledge. As long as the computer remains on, the malicious software mines the cryptocurrencies unnoticed and then sends the money to the hacker’s wallet.
Google also identified the Russian group APT28 as responsible for part of the attacks. Also known as Fancy Bear, the group targeted 12,000 Gmail accounts in a massive attack attempt. In this scam users were tricked into providing their login details.
Impersonating Google, the group sent messages with fake alerts to account holders. “We believe that government-backed attackers may be trying to trick you into obtaining your account password.”, read one of the emails.
Then, hackers asked users to send account login and password, in order to confirm their identity. However, the message was false and the data sent was used to give access to accounts and mine cryptocurrencies.
Know how to identify mining programs
As mining demands large consumption of energy and computational power, it can cause damage to the machine in the medium term. For example, the user starts noticing that the computer is slower or the components start to heat up more often.
These are signs that deserve attention as they indicate that malware is running on the computer. As these programs invade the computer via the Internet, both the machine and the Google account need to have efficient protection tools.
The security recommendations, according to Google, are to keep access to the Google Cloud as restricted as possible. Primarily, the user must install a good antivirus and perform periodic scans on the computer. This makes it possible to identify and block intruders.
In the cloud service, 2FA activation is essential. Authentication creates a second layer of access for any service account. That way, if a hacker steals your Google Cloud password, he won’t be able to access the account without 2FA.
