Google Cloud Adds Crypto Mining Malware Detection Tool

google cloud crypto mining malware detection

Google Cloud has expanded its range of security features to address the growing threat of illegal cryptocurrency mining as more companies adopt cloud storage technology.

To protect Google Cloud clients and the virtual machines running on its infrastructure, the company unveiled its newest threat detection layer, Virtual Machine Threat Detection (VMTD). 

Illegal cryptocurrency mining is one of the most common exploits of compromised remote storage accounts. Digital asset mining typically requires large amounts of computing power, which Google Cloud customers happen to pay for.  

The new Virtual Machine Threat Detection (VMTD) tool utilizes an agentless memory scanning that assists in detecting cryptocurrency mining malware as well as other threats such as data exfiltration and ransomware in virtual machines. 

This means that VMTD users will be empowered to detect malicious behavior in their VMs without installing any additional software that could impact performance or increase the risk of a potential attack.

“Not running an agent inside of their instance means less performance impact, lowered operational burden for agent deployment and management, and exposing less attack surface to potential adversaries,” explained the Google team.

The VMTD feature is currently only available as a public preview for Google Cloud’s Security Command Center Premium customers. The company expects to be able to make the tool available to all of its customers within the next few months. In the meantime, the Google Cloud team is planning the steady release of new detection capabilities and integrations for other aspects that fall under the Google Cloud infrastructure purview.

The Use of Hacked Accounts to Mine Crypto

As more organizations worldwide continue to shift to employing cloud services and technologies, they have become common targets for hackers.

Compromised cloud accounts make up the majority of illegal cryptocurrency mining exploits. According to Google, 86% of its compromised cloud instances were used to mine digital currencies in 2021. In some cases, malicious actors installed crypto mining malware just 22 seconds after compromising the victim cloud accounts.

Illegal cryptocurrency mining typically consumes the CPU/GPU resources and storage space of the computer without the owner’s knowledge.

Many successful attacks happen due to poor customer security practices, and are enabled by weak or even a lack of passwords at all, or via the installation of vulnerable third-party software explains Google.


Join to get the flipside of crypto


Upgrade your inbox and get our DailyCoin editors’ picks 1x a week delivered straight to your inbox.

    You can always unsubscribe with just 1 click.

    This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed to be financial legal or tax advice. Trading Forex, cryptocurrencies, and CFDs poses a considerable risk of loss


    Simona is an editor and author at DailyCoin focusing on the areas where decentralized money meets big centralized capital. She joined DailyCoin in early 2020 after spending years working with advertising and PR for banks and venture capital firms. She stepped into crypto in early 2018, got burned, but discovered a passion for trading. Simona personally holds Bitcoin (BTC).