Over 2 Million Malicious Repositories Planted on Docker Hub

Summary:

Since the start of 2021, Docker Hub users have faced three significant campaigns, each disseminating millions of repositories containing malware and phishing sites. These campaigns utilized distinct strategies for creating and distributing the malicious repositories. The “Website SEO” campaign focused on establishing a few fake repositories daily, with each repository associated with a single user. In contrast, the “Downloader” and “eBook Phishing” initiatives opted for bulk creation of false repositories.

Threat Level – Red | Attack Report

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.