Cybercrooks Target Docker Containers With Novel Pageview Generator

  /     /     /  
Publicated : 23/11/2024   Category : security


Cybercrooks Target Docker Containers With Novel Pageview Generator


Cyberattackers are exploiting Docker instances to drop the bot-tastic 9hits Web traffic generator and earn valuable credits that can be turned into cash.



Container-focused cyberattackers
have a brand-new type of payload: a gray-area traffic-generating tool that creates artificial page views for websites, known as the 9hits Traffic Exchange.
Members of 9hits can buy what are known as credits on the platform, which can be exchanged for sending a set amount of traffic to a given website via the automated 9hits viewer app. The app loads a chosen webpage a certain number of times, thus generating page views — even though there are no actual eyeballs taking in the target sites content.
9hits might be a little shady, being used to inflate a sites actual visitor engagement numbers in a quest for luring advertisers — but its use is not illegal. Unless, of course, its being planted into an organizations infrastructure without consent, thus stealing compute resources.
According to researchers at Cado Security, thats exactly what the bad guys are doing: deploying this unique Web traffic solution (
as it bills itself
), in order to generate credits for the attacker.
Cado says the attackers in a fresh campaign are targeting
vulnerable Docker services
to deploy two separate containers: an XMRig cryptominer and 9hits. The former is a
well-known malicious payload
, but the latter is entirely novel, the researchers said.
Attackers always seek more strategies to profit from compromised hosts, according to
Cados 9hits/Docker analysis
published today. [We] can observe the processes being run, allowing the 9hits app to authenticate with their servers and pull a list of sites to visit. Once visited, the session owner is awarded a credit on the 9hits platform.
The credits can then be turned into traffic to the attackers site of choice, which in turn can be monetized in any number of creative ways, including
selling it to an ad network
.

Last News

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Cybercrooks Target Docker Containers With Novel Pageview Generator