"Malicious Docker Cryptomining Images Rack Up 20M Downloads"

Researchers at Palo Alto Networks' Unit 43 have discovered at least 30 malicious images in Docker Hub, with a collective 20 million downloads.  The images have been used to spread cryptomining malware.  According to the researchers, the malicious images (spread across 10 different Docker Hub accounts) have raked in around $200,000 from cryptomining.  The most popular cryptocurrency in the instances observed by researchers was Monero, which accounted for around 90 percent of the activity. Monero not only provides "maximum anonymity" due to its hidden transaction paths, but it is also easier to mine cost-effectively.   In most attacks that mine Monero, the attackers used the well-worn XMRig off-the-shelf miner.

Threatpost reports: "Malicious Docker Cryptomining Images Rack Up 20M Downloads"