DevOps Articles

Siloscape: Windows Container Malware That Breaks Kubernetes

In March, https://www.linkedin.com/in/prizmant, principal security researcher for https://www.paloaltonetworks.com/cloud-security?utm_content=inline-mention, uncovered the malware targeting Windows containers, calling the exploit “Siloscape.” In a https://unit42.paloaltonetworks.com/siloscape/, he wrote the emergence of such an attack was “not surprising given the massive surge in cloud adoption over the past few years.” In this edition of The New Stack Makers podcast, Prizmant described what makes Siloscape a threat for Kubernetes clusters — in both Linux and Windows containers. Siloscape was designed to abuse a flaw in the architecture of Windows containers, allowing it to “harvest” the processing power of Kubernetes clusters, Prizmant explained. “Siloscape was designed to search for open Windows containers and take control of the rest of the cluster from there.”