Cryptomining Malware Can Hijack Alibaba ECS Instances

November 16, 2021

Reports from Trend Micro show that threat actors exploit vulnerabilities in Alibaba ECS instances to install Cryptominers malware.

This is possible because all instances provide root access, allowing threat actors to gain access to the target server without any prior SSH root work.

Once compromised, the enhanced privileges allow the threat actors to access files and also create firewall rules that prevent the installed security agent from detecting any compromises or suspicious behavior.

Threat actors also used the ECS’ auto-scaling system (enables the service to automatically adjust computing resources based on the volume of user requests).

Once compromised, the threat actor can scale up their Monero mining power, causing additional costs for the instance owner. Anyone using Alibaba’s cloud service is advised to make sure their security settings are correct and follow best practices.

For more information, read the original story in Reuters.

Cryptomining Malware Can Hijack Alibaba ECS Instances

Top Stories

SaaStr founder says human sales roles have been replaced by AI agents

AI tool is flagging pancreatic cancer early in China

Top 10 predictions for information technology developments in 2026

Meta buys agentic AI startup Manus to boost consumer AI push

AST SpaceMobile launches largest satellite ever, challenging Starlink with direct-to-phone 5G

SoftBank sells remaining Nvidia stake to fund $22.5B OpenAI commitment

Related Articles

Over 59,000 Next.js servers hacked in 48 hours in credential-theft campaign

NIST warns of inaccurate internet time after atomic clock disruption

Critical LangChain flaw exposes secrets across millions of AI agent deployments

Facial recognition becomes mandatory for new mobile accounts in South Korea

TND News Desk

TND News Desk

Jim Love

Follow Us

Popular categories

Tech News Delivered