A container flaw discovered just last month has been exploited by hundreds of attackers, including cryptocurrency miners, cybersecurity company Imperva says. Credit: Mcability According to Imperva research, a container flaw reported last month (CVE-2019-5736) in Docker’s remote API has already been taken advantage of by hundreds of attackers. Imperva claims that they were able to locate 3,822 Docker hosts with the remote API (port 2735) publicly exposed. Of these, approximately 400 were accessible, and most of these were running a cryptocurrency miner for a lesser-known form of cryptocurrency called Monero. Monero (ticker symbol XMR) is an open-source cryptocurrency that was created in April 2014. It focuses on fungibility (individual units are essentially interchangeable), privacy, and decentralization. It also takes advantage of an obfuscated public ledger. That means anyone can broadcast or send transactions, but outside observers cannot tell the source, amount, or destination of the funds. Mining cryptocurrencies on compromised Docker hosts is, as you’d likely expect, only one form of attack that is possible. Others — such as launching botnets or stealing credential and data — are also likely exploits. Imperva has stressed that is it critical that anyone exposing Docker ports make sure that they create security controls that allow only trusted sources to interact with the Docker API. Refer to the Docker documentation on Securing Docker remote daemon for more information on how to enforce security controls. Details on Imperva’s findings are available at imperva.com. Related content how-to How to find files on Linux There are many options you can use to find files on Linux, including searching by file name (or partial name), age, owner, group, size, type and inode number. By Sandra Henry Stocker Jun 24, 2024 8 mins Linux opinion Linux in your car: Red Hat’s milestone collaboration with exida With contributions from Red Hat and critical collaborators, the safety and security of automotive vehicles has reached a new level of reliability. By Sandra Henry Stocker Jun 17, 2024 5 mins Linux how-to How to print from the Linux command line: double-sided, landscape and more There's a lot more to printing from the Linux command line than the lp command. Check out some of the many available options. By Sandra Henry Stocker Jun 11, 2024 6 mins Linux how-to Converting between uppercase and lowercase on the Linux command line Converting text between uppercase and lowercase can be very tedious, especially when you want to avoid inadvertent misspellings. Fortunately, Linux provides a handful of commands that can make the job very easy. By Sandra Henry Stocker Jun 07, 2024 5 mins Linux PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe