How to detect Crypto Mining with Sysdig Secure

Jan 10, 2023

Detecting cryptominer malware (Bitcoin, Monero, etc.) is essential to preventing a cryptojacking attack. Learn how to detect and prevent these mining attacks!

Cryptojacking is a cybercrime in which another party’s computing resources are hijacked to mine cryptocurrency.
#CryptoJacking, which is also referred to as malicious cryptomining, lets hackers mine cryptocurrency (like Bitcoin, Monero, Ethereum, etc.) without paying for electricity, hardware and other mining resources.

The tools used in these attacks (like xmrig) are often hidden with techniques similar to those used by other malware.
There are, however, open source tools (like Falco) that help detect and remove these kinds of miners.

In this video, we will discuss how Sysdig Secure can easily detect and remediate cryptojacking in container workloads running on Kubernetes.

For more information on how we use open source Falco to detect these attacks, visit the Sysdig blog:


0:00 Intro

0:17 Cryptominer in a container

1:00 Detecting Cryptomining in Kubernetes clusters

4:22 Preventing Cryptomining via Drift Detection

5:33 Preventing Cryptomining via Machine Learning detection

6:38 Outro