{"id":4579,"date":"2024-04-18T11:35:28","date_gmt":"2024-04-18T11:35:28","guid":{"rendered":"https:\/\/secry.me\/explore\/?p=4579"},"modified":"2024-04-19T03:37:28","modified_gmt":"2024-04-19T03:37:28","slug":"hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes","status":"publish","type":"post","link":"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/","title":{"rendered":"Hackers Exploit OpenMetadata Vulnerability for Cryptomining Attacks on Kubernetes"},"content":{"rendered":"<div class=\"c7f5092f831f91fb6af859cc3a8052cc\" data-index=\"4\" style=\"float: none; margin:10px 0 10px 0; text-align:center;\">\n<script async src=\"https:\/\/securepubads.g.doubleclick.net\/tag\/js\/gpt.js\"><\/script>\r\n<script>\r\n  window.googletag = window.googletag || {cmd: []};\r\n  googletag.cmd.push(function() {\r\n    googletag.defineSlot('\/22608490431\/iklan1', [[320, 100], [300, 50]], 'div-gpt-ad-1696178236578-0').addService(googletag.pubads());\r\n    googletag.pubads().enableSingleRequest();\r\n    googletag.enableServices();\r\n  });\r\n<\/script>\r\n<!-- \/22608490431\/iklan1 -->\r\n<div id='div-gpt-ad-1696178236578-0' style='min-width: 300px; min-height: 50px;'>\r\n  <script>\r\n    googletag.cmd.push(function() { googletag.display('div-gpt-ad-1696178236578-0'); });\r\n  <\/script>\r\n<\/div>\n<\/div>\n<p><strong>OpenMetadata Vulnerability Exploit &#8211; Cryptomining Attacks on Kubernetes &#8211;<\/strong> In a concerning development, cybersecurity experts have uncovered an ongoing campaign where threat actors are exploiting <a href=\"https:\/\/secry.me\/explore\/\">critical vulnerabilities<\/a> in the OpenMetadata platform to launch cryptomining attacks on Kubernetes workloads. This sophisticated operation highlights the growing risks associated with open-source software in containerized environments.<\/p>\n<p>OpenMetadata, a widely-used open-source metadata management tool, has become the latest target for hackers seeking to capitalize on its flaws. These vulnerabilities, including <em><strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-28847\">CVE-2024-28847<\/a>, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-28848\">CVE-2024-28848<\/a>, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-28253\">CVE-2024-28253<\/a>, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-28254\">CVE-2024-28254<\/a>, and <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-28255\">CVE-2024-28255<\/a><\/strong><\/em>, were initially disclosed and patched in versions 1.2.4 and 1.3.1 on March 15. However, despite the patches being available, threat actors have been actively exploiting them since early April, emphasizing the importance of timely updates and patch management.<\/p>\n<p>The attack methodology of OpenMetadata Vulnerability employed by these hackers is alarming in its sophistication. First, they identify vulnerable versions of OpenMetadata running on internet-exposed Kubernetes workloads. Leveraging the disclosed vulnerabilities, they gain unauthorized access to the containers, ultimately achieving remote code execution.<\/p>\n<p>Once inside, the attackers conduct reconnaissance to assess the compromised environment thoroughly. They collect information about the network, hardware configuration, and operating system version to tailor their subsequent actions. Interestingly, they utilize ping requests to domains associated with Interactsh, a tool for detecting out-of-band interactions, to validate network connectivity without raising suspicion.<\/p>\n<figure id=\"attachment_4588\" aria-describedby=\"caption-attachment-4588\" style=\"width: 728px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-4588 size-full\" src=\"https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/mining.webp\" alt=\"cryptomining Process of Exploited server that have OpenMetadata Vulnerabilities\" width=\"728\" height=\"290\" srcset=\"https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/mining.webp 728w, https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/mining-300x120.webp 300w, https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/mining-150x60.webp 150w, https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/mining-696x277.webp 696w\" sizes=\"auto, (max-width: 728px) 100vw, 728px\" \/><figcaption id=\"caption-attachment-4588\" class=\"wp-caption-text\">cryptomining Process of Exploited server that have OpenMetadata Vulnerabilities<\/figcaption><\/figure>\n<p>Upon confirming their access, the hackers proceed to download cryptomining malware payloads from a remote server, often located in China. These payloads, available for both Linux and Windows platforms, are then deployed within the compromised containers, initiating cryptocurrency mining operations.<\/p>\n<p>To maintain persistence and control over the hijacked Kubernetes applications, the attackers employ various techniques. They remove initial payloads, establish reverse shell connections using tools like Netcat, and set up cronjobs to execute malicious code at regular intervals.<\/p>\n<p>Notably, the attackers leave behind a distinctive calling card\u2014an appeal for Monero cryptocurrency donations, purportedly to fund personal expenses such as purchasing a car or a &#8220;suite&#8221; in China. This tactic adds a peculiar twist to an otherwise malicious operation.<\/p>\n<figure id=\"attachment_4586\" aria-describedby=\"caption-attachment-4586\" style=\"width: 696px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\" td-modal-image wp-image-4586 size-large\" src=\"https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/Note-left-on-breached-servers-1024x196.webp\" alt=\"Note left on breached servers\" width=\"696\" height=\"133\" srcset=\"https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/Note-left-on-breached-servers-1024x196.webp 1024w, https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/Note-left-on-breached-servers-300x57.webp 300w, https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/Note-left-on-breached-servers-768x147.webp 768w, https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/Note-left-on-breached-servers-150x29.webp 150w, https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/Note-left-on-breached-servers-696x133.webp 696w, https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/Note-left-on-breached-servers-1068x204.webp 1068w, https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/Note-left-on-breached-servers.webp 1215w\" sizes=\"auto, (max-width: 696px) 100vw, 696px\" \/><figcaption id=\"caption-attachment-4586\" class=\"wp-caption-text\">Note lefted by the Hacker on the Breached Server<\/figcaption><\/figure>\n<p>Security experts urge administrators to take immediate action to mitigate the risk posed by these attacks. They recommend changing default credentials, ensuring that OpenMetadata applications are promptly patched against known vulnerabilities, and maintaining vigilant monitoring of Kubernetes environments.<\/p>\n<p>To maintain vigilant monitoring of Kubernetes environments, administrators are advised to take proactive measures. This includes promptly changing default credentials, ensuring that OpenMetadata applications are updated against known vulnerabilities, and utilizing the following command to get a list of all OpenMetadata workloads running in their Kubernetes environment:<\/p>\n<pre class=\"wp-block-code\"><code>kubectl get pods --all-namespaces -o=jsonpath='{range .items[*]}{.spec.containers[*].image}{\"\\n\"}{end}' | grep 'openmetadata'\r\n<\/code><\/pre>\n<p>&nbsp;<\/p>\n<p>By running this command, administrators can efficiently identify any instances of OpenMetadata running within their Kubernetes clusters, allowing for timely assessment and response to potential security threats. This proactive approach is crucial in safeguarding digital assets against emerging cyber threats.<\/p>\n<p>This incident underscores the critical importance of maintaining robust cybersecurity practices, including timely patching and proactive threat detection, in containerized environments. As the cybersecurity landscape continues to evolve, organizations must remain vigilant to safeguard their digital assets against emerging threats.<\/p>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n\n<div style=\"font-size: 0px; height: 0px; line-height: 0px; margin: 0; padding: 0; clear: both;\"><\/div>","protected":false},"excerpt":{"rendered":"<p>OpenMetadata Vulnerability Exploit &#8211; Cryptomining Attacks on Kubernetes &#8211; In a concerning development, cybersecurity experts have uncovered an ongoing campaign where threat actors are exploiting critical vulnerabilities in the OpenMetadata platform to launch cryptomining attacks on Kubernetes workloads. This sophisticated operation highlights the growing risks associated with open-source software in containerized environments. OpenMetadata, a widely-used [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":4592,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[136],"tags":[445,291,325,335,444,186,446,443],"class_list":{"0":"post-4579","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-bug-bounty","8":"tag-crypto","9":"tag-cve","10":"tag-exploit","11":"tag-hacker","12":"tag-kubernetes","13":"tag-malware","14":"tag-mining","15":"tag-openmetadata"},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.4 (Yoast SEO v27.6) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Hackers Exploit OpenMetadata Vulnerability for Cryptomining Attacks on Kubernetes | SECRY<\/title>\n<meta name=\"description\" content=\"OpenMetadata Vulnerability Exploit - Cryptomining Attacks on Kubernetes - In a concerning development, cybersecurity experts have uncovered an ongoing\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hackers Exploit OpenMetadata Vulnerability for Cryptomining Attacks on Kubernetes | SECRY\" \/>\n<meta property=\"og:description\" content=\"OpenMetadata Vulnerability Exploit - Cryptomining Attacks on Kubernetes - In a concerning development, cybersecurity experts have uncovered an ongoing\" \/>\n<meta property=\"og:url\" content=\"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/\" \/>\n<meta property=\"og:site_name\" content=\"SECRY\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/secry.me\" \/>\n<meta property=\"article:published_time\" content=\"2024-04-18T11:35:28+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-19T03:37:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/secryweb.sirv.com\/WP_secry.me\/2024\/04\/OpenMetadata-Exploit.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Christin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Christin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"NewsArticle\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\\\/\"},\"author\":{\"name\":\"Christin\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/person\\\/bf08de9f590b8968a1d054728257190f\"},\"headline\":\"Hackers Exploit OpenMetadata Vulnerability for Cryptomining Attacks on Kubernetes\",\"datePublished\":\"2024-04-18T11:35:28+00:00\",\"dateModified\":\"2024-04-19T03:37:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\\\/\"},\"wordCount\":542,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/OpenMetadata-Exploit.png\",\"keywords\":[\"Crypto\",\"CVE\",\"Exploit\",\"Hacker\",\"Kubernetes\",\"Malware\",\"Mining\",\"OpenMetadata\"],\"articleSection\":[\"Bug Bounty\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/secry.me\\\/explore\\\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\\\/\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\\\/\",\"name\":\"Hackers Exploit OpenMetadata Vulnerability for Cryptomining Attacks on Kubernetes | SECRY\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/OpenMetadata-Exploit.png\",\"datePublished\":\"2024-04-18T11:35:28+00:00\",\"dateModified\":\"2024-04-19T03:37:28+00:00\",\"description\":\"OpenMetadata Vulnerability Exploit - Cryptomining Attacks on Kubernetes - In a concerning development, cybersecurity experts have uncovered an ongoing\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/secry.me\\\/explore\\\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\\\/#primaryimage\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/OpenMetadata-Exploit.png\",\"contentUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/OpenMetadata-Exploit.png\",\"width\":1280,\"height\":720,\"caption\":\"Hacker Exploit OpenMetadata Vulnerabilities\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/secry.me\\\/explore\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Hackers Exploit OpenMetadata Vulnerability for Cryptomining Attacks on Kubernetes\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#website\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/\",\"name\":\"SECRY\",\"description\":\"#1 Cyber [SEC]urity Sto[RY]  -  News &amp; Bug Bounty Story Collections\",\"publisher\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\"},\"alternateName\":\"Security Story\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/secry.me\\\/explore\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\",\"name\":\"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections\",\"alternateName\":\"SECRY\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/secryweb.sirv.com\\\/WP_secry.me\\\/2022\\\/06\\\/cropped-SECRY.webp\",\"contentUrl\":\"https:\\\/\\\/secryweb.sirv.com\\\/WP_secry.me\\\/2022\\\/06\\\/cropped-SECRY.webp\",\"width\":512,\"height\":512,\"caption\":\"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/secry.me\",\"https:\\\/\\\/pinterest.com\\\/secry_me\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/person\\\/bf08de9f590b8968a1d054728257190f\",\"name\":\"Christin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"caption\":\"Christin\"},\"description\":\"A cybersecurity practitioner with more than 5 years of experience in the cybersecurity world. Has an interest in creating simple blog websites, learning about SEO and graphic design, writing, AI, and understanding the concepts of journalism. Intentionally created this website to make the world of cybersecurity more engaging by combining it with journalistic principles and presenting cybersecurity stories that are easy to understand, which can help anyone who wants to develop in the cybersecurity world.\",\"sameAs\":[\"https:\\\/\\\/secry.me\\\/explore\"],\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/author\\\/secry\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Hackers Exploit OpenMetadata Vulnerability for Cryptomining Attacks on Kubernetes | SECRY","description":"OpenMetadata Vulnerability Exploit - Cryptomining Attacks on Kubernetes - In a concerning development, cybersecurity experts have uncovered an ongoing","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/","og_locale":"en_US","og_type":"article","og_title":"Hackers Exploit OpenMetadata Vulnerability for Cryptomining Attacks on Kubernetes | SECRY","og_description":"OpenMetadata Vulnerability Exploit - Cryptomining Attacks on Kubernetes - In a concerning development, cybersecurity experts have uncovered an ongoing","og_url":"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/","og_site_name":"SECRY","article_publisher":"https:\/\/www.facebook.com\/secry.me","article_published_time":"2024-04-18T11:35:28+00:00","article_modified_time":"2024-04-19T03:37:28+00:00","og_image":[{"width":1280,"height":720,"url":"https:\/\/secryweb.sirv.com\/WP_secry.me\/2024\/04\/OpenMetadata-Exploit.png","type":"image\/png"}],"author":"Christin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Christin","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/#article","isPartOf":{"@id":"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/"},"author":{"name":"Christin","@id":"https:\/\/secry.me\/explore\/#\/schema\/person\/bf08de9f590b8968a1d054728257190f"},"headline":"Hackers Exploit OpenMetadata Vulnerability for Cryptomining Attacks on Kubernetes","datePublished":"2024-04-18T11:35:28+00:00","dateModified":"2024-04-19T03:37:28+00:00","mainEntityOfPage":{"@id":"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/"},"wordCount":542,"commentCount":0,"publisher":{"@id":"https:\/\/secry.me\/explore\/#organization"},"image":{"@id":"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/#primaryimage"},"thumbnailUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/OpenMetadata-Exploit.png","keywords":["Crypto","CVE","Exploit","Hacker","Kubernetes","Malware","Mining","OpenMetadata"],"articleSection":["Bug Bounty"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/","url":"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/","name":"Hackers Exploit OpenMetadata Vulnerability for Cryptomining Attacks on Kubernetes | SECRY","isPartOf":{"@id":"https:\/\/secry.me\/explore\/#website"},"primaryImageOfPage":{"@id":"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/#primaryimage"},"image":{"@id":"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/#primaryimage"},"thumbnailUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/OpenMetadata-Exploit.png","datePublished":"2024-04-18T11:35:28+00:00","dateModified":"2024-04-19T03:37:28+00:00","description":"OpenMetadata Vulnerability Exploit - Cryptomining Attacks on Kubernetes - In a concerning development, cybersecurity experts have uncovered an ongoing","breadcrumb":{"@id":"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/#primaryimage","url":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/OpenMetadata-Exploit.png","contentUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/04\/OpenMetadata-Exploit.png","width":1280,"height":720,"caption":"Hacker Exploit OpenMetadata Vulnerabilities"},{"@type":"BreadcrumbList","@id":"https:\/\/secry.me\/explore\/hackers-exploit-openmetadata-vulnerability-for-cryptomining-attacks-on-kubernetes\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/secry.me\/explore\/"},{"@type":"ListItem","position":2,"name":"Hackers Exploit OpenMetadata Vulnerability for Cryptomining Attacks on Kubernetes"}]},{"@type":"WebSite","@id":"https:\/\/secry.me\/explore\/#website","url":"https:\/\/secry.me\/explore\/","name":"SECRY","description":"#1 Cyber [SEC]urity Sto[RY]  -  News &amp; Bug Bounty Story Collections","publisher":{"@id":"https:\/\/secry.me\/explore\/#organization"},"alternateName":"Security Story","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/secry.me\/explore\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/secry.me\/explore\/#organization","name":"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections","alternateName":"SECRY","url":"https:\/\/secry.me\/explore\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secry.me\/explore\/#\/schema\/logo\/image\/","url":"https:\/\/secryweb.sirv.com\/WP_secry.me\/2022\/06\/cropped-SECRY.webp","contentUrl":"https:\/\/secryweb.sirv.com\/WP_secry.me\/2022\/06\/cropped-SECRY.webp","width":512,"height":512,"caption":"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections"},"image":{"@id":"https:\/\/secry.me\/explore\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/secry.me","https:\/\/pinterest.com\/secry_me"]},{"@type":"Person","@id":"https:\/\/secry.me\/explore\/#\/schema\/person\/bf08de9f590b8968a1d054728257190f","name":"Christin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","caption":"Christin"},"description":"A cybersecurity practitioner with more than 5 years of experience in the cybersecurity world. Has an interest in creating simple blog websites, learning about SEO and graphic design, writing, AI, and understanding the concepts of journalism. Intentionally created this website to make the world of cybersecurity more engaging by combining it with journalistic principles and presenting cybersecurity stories that are easy to understand, which can help anyone who wants to develop in the cybersecurity world.","sameAs":["https:\/\/secry.me\/explore"],"url":"https:\/\/secry.me\/explore\/author\/secry\/"}]}},"_links":{"self":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/4579","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/comments?post=4579"}],"version-history":[{"count":14,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/4579\/revisions"}],"predecessor-version":[{"id":4597,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/4579\/revisions\/4597"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/media\/4592"}],"wp:attachment":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/media?parent=4579"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/categories?post=4579"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/tags?post=4579"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}