Malware

Kinsing

First seen: 2019-01 • Status: active

Currently Active Threat

Kinsing attacks poorly configured cloud containers to mine cryptocurrency. It is very common in cloud environments.

Overview

Kinsing is cryptomining malware that targets misconfigured Docker containers and Kubernetes clusters.

How It Spreads

  • Docker API exploitation
  • Kubernetes misconfiguration
  • Log4Shell

What It Does

  • Cryptocurrency mining
  • Resource hijacking
  • Cloud targeting

Is your business exposed?

Target Platforms

Linux, Docker, Kubernetes

Detection Tips

  • Monitor Docker API access
  • Watch for cryptominer behavior

MITRE ATT&CK Techniques

T1496, T1610

If You're Infected

  1. 1.

    Secure Docker daemon

  2. 2.

    Audit Kubernetes RBAC

Related Malware

Xmrig

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices