Novel Technique Exploits Kubernetes RBAC to Backdoor Clusters

Attackers Deployed DaemonSets to Steal Resources from Victims
Threat actors are exploiting Kubernetes Role Based Access Control in the wild to create backdoors and to run cryptocurrency miners. Researchers observed a recent campaign that targeted at least 60 Kubernetes clusters by deploying DaemonSets to hijack and steal resources from the victims' clusters.

access access control attackers backdoor backdoors campaign clusters control cryptocurrency exploiting exploits hijack kubernetes kubernetes clusters miners novel rbac researchers resources role run steal