Home / Companies / Crowdstrike / Blog / Post Details
Content Deep Dive

CrowdStrike Identifies New Kiss-a-Dog Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Infrastructure

Blog post from Crowdstrike

Post Details
Company
Date Published
Author
CrowdStrike
Word Count
2,963
Company Posts That Month
Language
English
Hacker News Points
-
Post removed?
No
Summary

CrowdStrike has uncovered a cryptojacking campaign dubbed "Kiss-a-dog," which targets vulnerable Docker and Kubernetes infrastructure by using an obscure domain and various techniques to mine cryptocurrency while evading detection. The campaign involves container escape, removal of cloud monitoring services, and the use of traditional kernel rootkits like Diamorphine and Libprocesshider to hide malicious activity. Attackers employ popular mining software like XMRig, disguised as legitimate processes, and utilize anonymous pool servers to conceal wallet addresses. Additionally, they leverage network-scanning tools to seek out more vulnerable instances and use Redis as a backdoor for further exploitation. This campaign highlights the persistent threat to cloud environments, emphasizing the need for robust security measures like those provided by CrowdStrike's Falcon platform, which offers both agentless and agent-based capabilities to detect and prevent such breaches.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
Kubernetes 12 1,086 169 37 +2%
AI Agents 2 2,394 1,321 1 -
Real-time 2 1,659 640 46 +203%
Observability 1 557 139 11 +117%
Zero Trust 1 1,843 1,331 3 +61333%
Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.