This is a snapshot in the hands of Google Cloud users who are at risk of cryptocurrency attacks. The Google Cybersecurity Action Team (GCAT) has created a threat detection service to protect “poorly configured” accounts that attackers use to recover cryptocurrencies.
In a blog post, Google Cloud announced the launch of the Virtual Machine Threat Detection Device (VMTD) in the Security Command Center (SCC) region. As a scanning tool for Google’s cloud computing engines, VMTD detects threats, including cryptocurrencies running on virtual machines.
Malware attacks from cryptocurrency extraction, sometimes referred to as “cryptojacking”, are a constant annoyance in the industry. While browser-based cryptojacking has skyrocketed in the bear market in 2019, cloud-based cryptomination continues to capture space.
Cointelegraph reported in November last year that of 50 analyzed incidents involving hacked Google Cloud protocols, 86% involved cryptocurrency mining. Google’s Threat Horizons report highlights that hackers could try to take over GPU space for cryptocurrency mining, as it is a “resource-intensive activity to generate profits in the cloud.”
With the data in hand, the Google Cyber Security Action Group sought to rectify the situation and create stronger protection for virtual machine users.
The result is VMTD, a program that provides agent-free memory scanning to help detect threats such as crypto-dominant malware. In addition to providing protection against coin mining, VMTD also protects users against data mining and ransomware.
Ransomware attacks soared in 2021, peaking in April 2021. Some commentators point out that the rise in ransomware attacks has coincided with the sharp rise in cryptocurrencies; Efforts have been made by regulators and industry players to curb malpractice.
Related: Crypto Miner in Texas stops 99% of operations due to upcoming winter storm
In the case of malware attack cryptomination, Google has made a concerted effort to stop the attack by using CPU power and electricity unknown to Internet users to extract cryptocurrency. Over 55% of businesses worldwide were reported to be affected in 2018, including Google’s Youtube.
In the coming months, VMTD will be continuously integrated with other parts of Google Cloud, which will benefit Google Cloud users.