One Article Review
| Source |  CSO |
|---|---|
| Identifiant | 8298285 |
| Date de publication | 2023-01-05 10:34:00 (vue: 2023-01-05 19:07:03) |
| Titre | Attackers create 130K fake accounts to abuse limited-time cloud computing resources |
| Texte | A group of attackers is running a cryptomining operation that leverages the free or trial-based cloud computing resources and platforms offered by several service providers including GitHub, Heroku, and Togglebox. The operation is highly automated using CI/CD processes and involves the creation of tens of thousands of fake accounts and the use of stolen or fake credit cards to activate time-limited trials.Researchers from Palo Alto Networks' Unit 42 have dubbed the group Automated Libra and believe it's based in South Africa. During the peak of the campaign, dubbed PurpleUrchin, in November, the group was registering between three and five GitHub accounts every minute using automated CAPTCHA defeating processes with the intention to abuse GitHub Actions workflows for mining.To read this article in full, please click here |
| Envoyé | Oui |
| Condensat | 130k abuse accounts actions activate africa alto article attackers automated based believe between campaign captcha cards ci/cd click cloud computing create creation credit cryptomining defeating dubbed during every fake five free from full github group have here heroku highly including intention involves leverages libra limited mining minute networks november offered operation palo peak platforms please processes providers purpleurchin read registering researchers resources running service several south stolen tens thousands three time togglebox trial trials unit use using workflows |
| Tags | |
| Stories | |
| Notes | ★★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.