Playbook
The Ultimate Guide to Forensics of Mining Malware in Linux Container and Cloud Environments
Cybercriminals are always finding new ways to make money at another's expense. Over the past year, a large number of server-side exploits have been used to install cryptocurrency mining malware in Linux and cloud environments. While cryptocurrency mining can be lucrative, the costs often outweigh the gains due to the computing resources required. In this case, however, attackers mine for crypto coins using their victims’ computing resources, which eliminates their own costs and maximizes profits.
This guide outlines the typical stages of a mining malware attack against a server, and the steps to take when conducting forensics and incident response.