Threat Actors Lead Crypto Mining Campaign Using Kubernetes RBAC, Researchers Warn

Security experts have identified a new crypto-mining campaign that uses Kubernetes Role-Based Access Control (RBAC) to deploy backdoors and run miners on compromised devices. The malicious operation, tracked as RBAC Buster, garnered at least 60 Kubernetes (K8) clusters to focus on. To analyze the attackers’ modus operandi, cloud security firm Aqua researchers set up a K8 honeypot. “We have recently discovered the first-ever evidence that attackers are exploiting Kubernetes (K8s) Role-Based Acc