黑客利用公共 DevOps 工具進行加密貨幣挖礦攻擊
Jun 04, 2025 23:57:46
ChainCatcher 消息,安全公司 Wiz 發現代號 JINX-0132 的黑客組織正大規模利用 DevOps 工具配置漏洞進行加密貨幣挖礦攻擊。該攻擊主要針對 HashiCorp Nomad/Consul、Docker API 和 Gitea 等工具,約 25% 的雲環境存在風險。攻擊手法包括:利用 Nomad 預設配置部署 XMRig 挖礦軟體、透過 Consul 未授權 API 執行惡意腳本、控制暴露的 Docker API 創建挖礦容器。
Related Reports
New Jersey gubernatorial race to be crypto’s next election test
Cointelegraph
Jun 07, 2025 05:12:32
Ethereum Gained 4.25% to $2501.35 — Data Talk
Dow Jones Newswires
Jun 07, 2025 05:12:00
XRP Wave Structure Predicts Wild Fluctuations On Its Way To $4 ATH
NewsBTC
Jun 07, 2025 05:00:50
Eric Trump says World Liberty will buy ‘substantial position’ in Trump memecoin, nixes ‘official’ wallet
The Block
Jun 07, 2025 04:22:57
CoinDesk Bitcoin Price Index Gained 2.36% to $104309.16 — Data Talk
Dow Jones Newswires
Jun 07, 2025 04:15:00
