Pentera Discovers Exposed Cloud Training Applications Actively Exploited with Crypto-Miners
Pentera Labs research uncovers evidence of active attacker activity within customer-managed enterprise cloud environments operated by Fortune 500 companies and leading cybersecurity vendors, including compromise and crypto-mining activity
These applications, commonly used for security demos and hands-on training, include open-source projects such as OWASP Juice Shop, DVWA, and Hackazon. Pentera Labs identified thousands of exposed systems, many of which are hosted on enterprise-owned infrastructure running on AWS, Azure, and GCP cloud platforms. Approximately 20% of the exposed environments identified were found to contain artifacts consistent with unauthorized activity, including crypto-mining activity.
Pentera Labs research found that these applications were often deployed by customers with default configurations, minimal isolation, and overly permissive cloud roles. The investigation uncovered that many of these exposed training environments were directly connected to active cloud identities and privileged roles, potentially enabling attackers to move far beyond the intentionally-vulnerable apps themselves and potentially into the customer's broader cloud infrastructure.
"One misconfigured training app was enough for attackers to obtain cloud credentials and deploy miners at an organization's expense," said
Pentera Labs also discovered webshells, obfuscated scripts, and persistence mechanisms on compromised hosts, providing further evidence that adversaries are treating these publicly accessible "lab" systems as convenient footholds into enterprise cloud accounts. From this position, attackers could have expanded their access in several ways, including lateral movement across cloud resources, privilege escalation through over-permissive roles, tampering with CI/CD workloads, or inserting themselves into software supply chain processes.
The complete investigation, including findings, methodology, and evidence of attacker activity, is available here.
The findings were initially discovered by Security Researcher
About Pentera
Pentera is the market leader in AI-powered Security Validation, equipping enterprises with the platform to proactively test all their cybersecurity controls against the latest cyber attacks. Pentera identifies true risk across the entire attack surface, and automatically orchestrates remediation workflows to effectively reduce exposure. The company's security validation capabilities are essential for Continuous Threat Exposure Management (CTEM) operations. Thousands of security professionals around the world trust Pentera to close security gaps before threat actors can exploit them.
For more information, visit: pentera.io
Media Contact for Pentera
Senior PR Manager
[email protected]
View original content:https://www.prnewswire.com/news-releases/pentera-discovers-exposed-cloud-training-applications-actively-exploited-with-crypto-miners-302666531.html
SOURCE Pentera
Serious News for Serious Traders! Try StreetInsider.com Premium Free!
You May Also Be Interested In
- In HelloNation, Wellness Expert Sarah Packard-Normand Explains How Collagen Loss Changes the Face Over Time
- First Blueberry E. Coli Lawsuit Filed by Ron Simon & Associates Against Publix on Behalf of Hospitalized E. coli Victim
- Astrana Health Strengthens Leadership Team to Accelerate Long-Term Growth
Create E-mail Alert Related Categories
PRNewswire, Press ReleasesSign up for StreetInsider Free!
Receive full access to all new and archived articles, unlimited portfolio tracking, e-mail alerts, custom newswires and RSS feeds - and more!



Tweet
Share