Security researchers at Microsoft have raised the alarm on an ongoing attack by threat actors who are deploying malicious TensorFlow pods into Kubernetes clusters that run Kubeflow instances so they can mine cryptocurrency through their targets, according to Threatpost
. As the attack is still ongoing, there is a possibility that any new Kubernetes cluster running Kubeflow has been compromised, the company warns.
According to the researchers, the attacks involve pods that run legitimate TensorFlow images in order to evade detection, and they also note the simultaneous deployment of these malicious TensorFlow images, which hint that the threat actors had scanned the clusters earlier to identify potential targets and later launched their attack on the targets at the same time.
A similar attack was reported in June last year, which also targeted Kubeflow workloads and exploited misconfigured dashboards to initiate a massive XMRIG Monero-mining campaign. This version has ben modified to exploit access to the Kubeflow centralized dashboard so that the attackers can create a new pipeline. Once the attackers have access to the pipeline’s user interface, they are able to create a new cluster, which would be composed of containers running TensorFlow images that enable cryptocurrency mining.