A unique cyberattack campaign that targets Kubeflow, a machine-learning toolkit for Kubernetes, has affected large swathes of container clusters, according to Microsoft. Microsoft observed attackers using an exposed Kubefl dashboard for gaining initial access to the cluster. The malicious actors then set up their own container, using the default name of anonymous, which housed the malicious malware image. The attack is the first known type of type of attack to use Kubflow as an initial pathway into KuberNETes containerization.
Source: https://threatpost.com/kubernetes-cryptomining-machine-learning-framework/156481/