Docker Leaks API Secrets & Private Keys, As Cybercriminals Pounce

Container images shared on Docker Hub are leaking sensitive data in the cloud, to the tune of tens of thousands of secrets. And attackers are scooping these up to be used to compromise a wide range of hosts.

Because coding an application and deploying it into another environment can cause errors, developers combine everything together — files, libraries, and dependencies — to be put in containers in the cloud. This makes it easier to create applications that can work across systems. Docker images are a common source for this method of programming, and Docker Hub has millions of private repositories, automated builds, official images provided by Docker, and webhooks that “trigger actions after a successful push to a repository to integrate Docker Hub with other services.”

In a study conducted by researchers at RWTH Aachen University in Germany, it was discovered that the ease with which the Docker framework allows containerization could lead to sharing private keys or API secrets, thus compromising the security of anyone who created or is using the image. The researchers uncovered 52,107 private keys in misconfigured containers, as well as 3,158 leaked API secrets.

They also found that the leaked keys were already being used in the wild. There were 1,060 certificates that used compromised keys, and 275,269 TLS and SSH hosts using “leaked keys for authentication.”

“This widespread usage allows attackers to eavesdrop on confidential or alter sensitive information, e.g., from the IoT, webpages, or databases,” according to the report.

To boot, the researchers found 216 exposed Session Initial Protocol (SIP) hosts for telephones, and 8,165 SMTP, 1,516 POP3, and 1,798 IMAP servers used for emails. These have security implications around Internet-based communications, as these hosts can fall victim to impersonation attacks, allowing threat actors to eavesdrop as well as transmit and alter data.

In conducting this study, the researchers analyzed 337,171 images from Docker Hub as well as 8,076 from private registries.

SEO Powered Content & PR Distribution. Get Amplified Today.
PlatoData.Network Vertical Generative Ai. Empower Yourself. Access Here.
PlatoAiStream. Web3 Intelligence. Knowledge Amplified. Access Here.
PlatoESG. Automotive / EVs, Carbon, CleanTech, Energy, Environment, Solar, Waste Management. Access Here.
BlockOffsets. Modernizing Environmental Offset Ownership. Access Here.
Source: https://www.darkreading.com/cloud/docker-leaks-api-secrets-private-keys-cybercriminals

Generative Data Intelligence

Docker Leaks API Secrets & Private Keys, as Cybercriminals Pounce

Bitcoin Nears $63K in Anticipation of Hong Kong’s Spot Crypto ETF Launch Amidst Diverse Crypto Developments and Regulatory Scrutiny

Anticipation High for Hong Kong Spot Crypto ETF as Bitcoin Hovers at $63K Amidst Global Crypto Developments and Market Dynamics

Latest Intelligence

Bitcoin Hovers at $63K Anticipating Hong Kong ETF Launch Amidst Binance Turmoil and AI-Driven Crypto Insights

Whale-Sized Sell-Off: Ethereum Whales Unload $140 Million in ETH, Sparking Market Volatility and Investor Concerns

Market Shakes as Ethereum Whales Offload $140 Million in ETH: A Dive into Crypto Volatility and Investor Concerns

Ethereum Whales Stir the Waters: A $140 Million ETH Sell-Off Shakes the Crypto Market

Market Mayhem: Ethereum Whales Unload $140 Million in ETH, Prompting Price Plunge and Investor Concerns

Market Mayhem: Ethereum Whales Unload $140M in ETH, Stirring Volatility and Concerns Among Crypto Investors

Chat with us