Home / Companies / Crowdstrike / Blog / Post Details
Content Deep Dive

Compromised Docker Honeypots Used for Pro-Ukrainian DoS Attack

Blog post from Crowdstrike

Post Details
Company
Date Published
Author
Falcon
Word Count
2,136
Company Posts That Month
Language
English
Hacker News Points
-
Post removed?
No
Summary

In 2022, compromised Docker Engine honeypots were utilized in a pro-Ukrainian denial-of-service (DoS) attack, targeting websites in Russia, Belarus, and Lithuania across various sectors, including government and military. The attack involved two Docker images, "abagayev/stop-russia" and "erikmnkl/stoppropaganda," both downloaded extensively but with an unknown number originating from compromised sources. These images leveraged Go-based tools to execute the attacks, with their target lists reportedly overlapping with those shared by the Ukraine IT Army (UIA), which had previously called for DDoS attacks against Russian targets. CrowdStrike's Falcon platform provided protection against these threats through its cloud-based machine learning models, detecting and terminating malicious processes. The assessment, based on high-quality intelligence, suggests these actions were automated and very likely supported pro-Ukrainian efforts, highlighting potential retaliatory risks for organizations inadvertently involved.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
AI Agents 2 2,394 1,321 1 -
Zero Trust 1 1,843 1,331 3 +61333%
Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.