Microsoft Corp.  has issued a warning that hackers are targeting Kubeflow, a machine learning toolkit for Kubernetes, to install cryptomining code.

The attacks were first detected in April and involve hackers targeting Kubernetes nodes running Kubeflow. The nodes were not so much misconfigured but rather settings had been changed.

In a blog post Wednesday, Yossi Weizman, security research software engineer at the Azure Security Center explained that the campaign was first detected when the ASC team observed deployment of a suspect image from a public repository on many different clusters. That image included the XMRIG miner, a cryptocurrency miner that exploits CPU resources to mine for the Monero cryptocurrency.

Those behind the campaign are gaining access to Kubeflow via Istio ingress, a gateway located on the edge of the cluster network. The default setting usually prevents this sort of attack by blocking those on the internet from gaining access to the dashboard and being able to make unauthorized changes. In this case, and why this isn’t a misconfiguration as such, users have been disabling the default security setting.

“We believe that some users chose to do it for convenience: without this action, accessing the dashboard requires tunneling through the Kubernetes API server and isn’t direct,” Weizman explained. “By exposing the service to the Internet, users can access the dashboard directly. However, this operation enables insecure access to the Kubeflow dashboard, which allows anyone to perform operations in Kubeflow, including deploying new containers in the cluster.”

Weizman recommended that to make sure that a dashboard isn’t exposed to the internet, users should check the type of the Istio ingress service by the following command and make sure that it is not a load balancer with a public IP:

kubectl get service istio-ingressgateway -n istio-system

Wei Lien Dang, co-founder and chief strategy officer at Kubernetes security platform provider StackRox Inc., told SiliconANGLE today that cryptojacking is a still a popular attack.

“Organizations should be mindful of the registries that users/clusters are allowed to download from,” Lieng Dang explained. “They should use private trusted registries, whitelist allowed images and take other precautions to verify source assets.”

As Kubernetes clusters get larger and more powerful, he added, they’ll become even more attractive for this type of attack. “Organizations must take specific steps to ensure they’re protecting their container and Kubernetes assets across build, deploy and runtime,” he said.

Image: Kubeflow