Organizations running Windows containers in their Kubernetes cluster have a brand-new threat to worry about.
Researchers from Palo Alto Networks (PAN) have discovered what they say is the first known malware targeting Windows containers. The malware, named Siloscape, is designed to escape from a Windows container into the Kubernetes node so it can spread in the cluster.
Attackers can use the malware to carry out a variety of malicious actions, such as credential and data theft, deploying ransomware, and breaching enterprise software development and testing environments.
Daniel Prizmant, senior staff researcher at PAN’s Unit 42 threat intelligence team, says the malware is a manifestation of the growing attacker focus on cloud environments. “Attackers are undergoing their own digital transformation and exploiting the massive enterprise shift to the cloud and new technologies like containers,” he says. “As a result, container security has become important.”
Prizmant describes…