Google Cloud Develops Cryptojacking Solution to Detect Mining Malware on Virtual Machines

The expanding crypto sector has garnered focus from hackers who have been ramping up efforts to steal money from unsuspecting victims associated with the sector. In a bid to safeguard crypto miners against security breaches, Google Cloud has developed a new solution called the Virtual Machine Threat Detection (VMTD). The tool will detect potential crypto mining malware attacks, also known as cryptojacking. This service from Google Cloud will also shield poorly configured accounts that are breached and used by hackers to mine cryptocurrencies.

The Security Command Centre Team of Google Cloud aims to protect crypto miners using virtual machines to execute the process. Virtual machines allow businesses to run an operating system that behaves like a separate computer in an app window on a PC.

“What we learned is that we could instrument the hypervisor — the software that runs underneath and orchestrates our customers’ virtual machines — to include nearly universal and hard-to-tamper-with threat detection,” said Google Cloud Product Manager Timothy Peacock in a blog post.

The VMTD tool will provide agentless memory scanning to detect malwares. The security tool will also protect users from falling prey to ransomware and data exfiltration attacks.

“Not running an agent inside of their instance means less performance impact, lowered operational burden for agent deployment and management, and exposing less attack surface to potential adversaries,” Peacock explained.

It will act as a third layer of safety along with already enabled solutions such as Event Threat Detection and Container Threat Detection for Google Cloud users.

“In addition to threat detection, the premium version of Security Command Center is a comprehensive security and risk management platform for Google Cloud. It provides built-in services that enable you to gain visibility into your cloud assets, discover misconfigurations and vulnerabilities in your resources, and help maintain compliance based on industry standards and benchmarks,” Peacock wrote in the blog post.

The development comes after Google Cloud identified hacking threats looming over crypto mining activities last year.

In November last year, it analysed 50 incidents relating to compromised Google Cloud protocols and realised 86 percent were related to crypto mining.

A report by Google Cloud claimed that hackers are drawn to hijack a GPU to mine crypto assets, which is a “cloud resource-intensive for-profit activity.”

Over the coming months, VMTD will integrate with other parts of Google Cloud, the platform has promised.


Share This Post

Leave a Reply

Your email address will not be published.