In the last few weeks, Pax8, a global cloud marketplace for MSPs and the SMBs and enterprises they serve, noticed an uptick in compromised Azure and AWS accounts used for crypto mining. Urging their MSP partners to pay attention, especially during the holiday season when cybercriminals are more prevalent, Pax8 sent an email to its 25,000 MSPs cautioning, “Don’t let your guard down and stay alert.”
The email continued, “We want to remind you of the security guidelines for securing identities and workloads to monitor Azure cost management spending. If you choose not to follow these security guidelines, you are making it easier for malicious actors to succeed and could be at risk for substantial unauthorized charges accumulated by these bad actors.”
Pax8 recommends several steps for MSPs to take, starting with setting up Multi-Factor Authentication (MFA) on Microsoft Accounts, which makes those accounts more resistant to phishing and channel jacking. The company cited an article posted by Microsoft on how to enable MFA.
Pax8 also pointed out that Cost Management Alerts can be set up to monitor Azure usage and spending. Cost alerts are generated automatically as Azure resources are consumed, and all active cost management and billing alerts are shown in one place.
“When your consumption reaches a given threshold, alerts are generated by Cost Management,” Pax8 said, referencing another Microsoft article on how to use cost alerts to monitor usage and spending.
Finally, Pax8 suggests MSPs study customer security best practices and recommends that their partners open a support ticket in the Pax8 platform for additional help and guidance.
These threats have been growing throughout 2022, affecting not just Azure accounts but AWS and Google accounts as well.
For example, Netskope Threat Labs found that attackers have been creating phishing pages in Google Sites and Microsoft Azure Web App to steal cryptocurrency wallets and accounts from Coinbase, MetaMask, Kraken, and Gemini.
The U.S. Federal Trade Commission warned earlier this year that “Crypto has several features that are attractive to scammers, which may help to explain why the reported losses in 2021 were nearly sixty times what they were in 2018. There’s no bank or other centralized authority to flag suspicious transactions and attempt to stop fraud before it happens. Crypto transfers can’t be reversed – once the money’s gone, there’s no getting it back. And most people are still unfamiliar with how crypto works. These considerations are not unique to crypto transactions, but they all play into the hands of scammers.”
Edited by Erik Linask