Hackers Abuse Docker Hub Repositories to Disguise Malicious Containers

28-Nov-22

Threat actors use Docker Hub repositories as a means of uploading malicious containers that can be used to mine cryptocurrency and hidden files that support backdoors, DNS hijackers, and website redirectors. Researchers from Sysdig examined 1,652 Linux images out of over 250,000 that had not been certified based on a number of areas.

Cryptomining (608), embedded secrets (281), proxy avoidance (266), newly registered domains (134), dangerous websites (129), hacking (38), dynamic DNS (33), and others were the categories used to classify the content type (288).

Read More…