Malware

Novel undetectable cryptominer developed via Azure exploit

Hackread reports that Microsoft Azure's Automation Service was leveraged to create the first cryptocurrency miner that could not be detected by security systems. SafeBreach Labs researchers were able to develop the "ultimate cryptominer" by exploiting Azure Automation Service behavior that facilitated the stealthy background installation of custom Python packages uploaded to the platform in a bid to avert runbook execution issues. Azure Automation was noted to use the malicious pip package uploaded by the researchers for every subsequent upload, enabling code execution and access token acquisition. Moreover, the researchers ran simultaneous import flows amounting to nearly 10,000 minutes of runtime, and a month later the cryptominer had not yielded any charges, according to the report. Beyond cryptomining, such an issue could also affect the functionality of other domains in Azure that require code execution, the researchers said. Microsoft's Security Response Center has already been notified of the issue, but Common Vulnerabilities and Exposures (CVE) tracking has yet to be provided.
