Articles Uncategorized More Than 4,000,000 Docker images contain critical vulnerabilities

More Than 4,000,000 Docker images contain critical vulnerabilities

-

Researchers from Prevasio  studied 4,000,000 publicly available Docker images hosted on Docker Hub and found that more than half of them have critical vulnerabilities, and several thousand images contain malicious or potentially dangerous elements.

For the analysis, the specialists used its own Prevasio Analyzer service, which had to work non-stop for a month on 800 machines.

DokerHub
DokerHub

The analysis found that 51% of the 4,000,000 examined images contain packages or dependencies with at least one critical vulnerability, and another 13% are vulnerable to high severity bugs.

Approximately 6400 images (0.16% of the total) were classified as malicious or potentially dangerous due to the presence of malware, cryptocurrency miners, hacking tools, the malicious npm package ( flatmap-stream ) and Trojans in their composition . Worse, it turned out that all of these images were downloaded over 300,000,000 times.

Cryptocurrency miners were found in 44% of 6400 containers. Although in many cases the developers honestly report that their images contain miners, sometimes the miners are hidden.

Docker_images_threatit

“Regardless of the original intent, if an employee of a company uses Docker Hub and then launches an image with a miner at work, there is a high probability that the company’s resources will not be used as originally intended. The system administrator may consider such container images undesirable for a corporate environment or even potentially dangerous, ”the experts write.

Also, during the study, images with dynamic payloads were found, that is, the original image itself did not contain anything malicious, but later the similar miner code was loaded, compiled and executed by a special script.

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you