This site may contain outdated or incomplete information.
Researchers at Sysdig find over 1650 malicious containers in public Docker Hub
Docker Hub is the largest library and community for container images.
Impact
There are hundreds of thousands of publicly available container images at the freely available Docker Hub library. Researchers at Sysdig scanned over 250,000 unverified Linux images and identified 1,652 that were malicious. Crypto-miners represented the largest category, though significant numbers of embedded secrets and proxy avoidance tools were also found.
“Unfortunately, the size of the Docker Hub public library does not allow its operators to scrutinize all uploads daily; hence many malicious images go unreported.
“Sysdig also noticed that most threat actors only upload a couple of malicious images, so even if a risky image is removed and the uploader is banned, it doesn’t significantly impact the platform’s threat landscape.”
Type of Compromise
This incident fits the Publishing Infrastructure definition.
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.