Google's Vertex AI Platform Gets Freejacked

A recent Freejacking campaign exploiting Google's Vertex AI platform for cryptomining was uncovered by the Sysdig Threat Research Team. Freejacking involves abusing free services for profit, and this campaign utilized free Coursera courses to access Google Cloud Platform (GCP) and Vertex AI without cost to the attacker. The attack was automated, allowing for the creation of numerous instances through fake accounts, which were used to mine the cryptocurrency Dero using GPU resources provided by Vertex AI's Jupyter Notebooks. This process involved launching Tensorflow instances with custom machine types, which were then used to maximize cryptomining efficiency. The attack highlights vulnerabilities in platforms offering free or trial compute services and underscores the importance of robust security measures by both service providers and customers to prevent such abuses.