Google Cloud can now detect cryptomining malware implanted in virtual machines

To safeguard its virtual machines (VMs) from crypto miners, Google has launched a new platform aimed at stopping malware forever.

The new Virtual Machine Threat Detection (VMTD) tool is available to Google Cloud Security Command Center Premium service customers and will work without supporting software, meaning there will be no significant impact on the performance of the virtual machine and no operational load from agent deployment and administration.

As a result, there is less of an attack surface: instead of using an agent, VMTD adds "nearly universal threat detection and quite difficult to manipulate" to the hypervisor.

Anonymous crypto mining

Cryptominers are a unique type of malware that, instead of trying to destroy the machine, steal sensitive data, or enlist the device in a botnet, harness its computing power to produce cryptocurrency for the attacker.

Some blockchain networks run on a mechanism called Proof of Work, in which the computers that make up the network perform heavy calculations and are rewarded with the network token. The process is also known as mining.

Devices that "mine" cryptocurrency typically cannot do much else, as mining consumes the majority of the devices' computing power.

Some malicious actors have started spreading crypto mining malware that forces the victim's device to mine and sends any and all profits to the attackers. Generally, crypto miners mine the Monero token, as it is thought to be quite difficult to trace.

In addition to rendering the computer virtually useless, there is an ancillary danger with virtual machine cryptominers: computational cost.

An earlier report from Google Cloud (published late last year) asserts that nearly nine out of ten (86%) public cloud machines infected with malware carry cryptominers.