0
  • Home
  • Blog
  • Analysis of a Kubernetes hack — Backdooring through kubelet by Alexander Urcioli

Analysis of a Kubernetes hack — Backdooring through kubelet by Alexander Urcioli

(171 views)

Unless you’ve been living under a rock for the past three years, you’ve probably heard about Kubernetes. At Handy, our infrastructure is backed by a multi-cluster Kubernetes ecosystem that drives our development, CI/CD, and production environments. You could say we are big advocates and users of Kubernetes at Handy, which is why we were both surprised and intrigued to learn that our coworker’s personal Kubernetes cluster was hacked this past weekend. We’re very glad it happened as it opened our eyes to a perhaps not so well known security “gotcha” in Kubernetes. In this article we will explore how our coworker’s cluster was hacked and how we recreated this attack in our own cluster as a proof of concept. This method of attack was tested in Kubernetes 1.9 but may also affect older clusters. DISCLAIMER: This article is regarding the compromise of a personal server owned by a coworker, not....

Read the rest of this story with a free account.

Already have an account? Sign in

February 11, 2019
Subscribe
Notify of
guest
1 Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Get unlimited access

Become an Instructor

Become a Reviewer

Writing on Hakin9

LOOKING for a JOB in IT security?



© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.
Please review your information and consent to the processing of your personal data.(Required)
What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?
Please review your information and consent to the processing of your personal data.(Required)

Download Free eBook

Step 1 of 4

Name(Required)

We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.