Home » Technology » Internet » Over a thousand Docker container images were found hiding malicious content.

Over a thousand Docker container images were found hiding malicious content.

dark web

Faceless hooded anonymous computer hacker with programming code from monitor, dark web concept

As the online world evolves, so do cyber security threats. Every new day comes with a new kind of technique to grab your information. A team of experts has reported that many images being hosted on popular databases are malevolent, providing a high risk of cyberattack.

According to a detailed analysis by “Sysdig,”  the images depict villainous content such as cryptominers, backdoors, and DNS hijackers.

These images serve as templates for users when creating new projects, saving them from having to start from scratch. Docker Hub facilitates its users’ ability to send and transfer these files from their collection.’

Types of malware

Although Docker’s library scans and verifies its images for safe use, many images remain unscanned. “Sysdig” automatically scanned thousands of unverified images and found almost 2,000 of them containing hideous content…

Most images contained an element of cryptomining. Other images included AWS credentials, SSH keys, the GIT hub, and NPM tokens.

According to the software report, these hidden malware can give access to one’s containers, a transferred image can allow the owner to run commands via SSH, just like implanting a backdoor.

The most common method used by hackers in images was “typosquatting,” in which they created a duplicate and infected version of the most commonly used images and set them up in the hope that the victim would not notice and would download their version instead of the original image.These images, along with two typosquatted images, were downloaded at least 17,000 times.

This year has seen a 15% increase in this type of spam, with the majority of infected images coming from public libraries, and the problem is only getting worse.