Reply to post: Re: $3500 for having found a risk of that magnitude ?

Microsoft update servers left all Azure RHEL instances hackable

Adam 1 Silver badge

Re: $3500 for having found a risk of that magnitude ?

A blackhat could have mined bitcoin with every new instance of red hat on Azure, pushing a custom version of ps that hides the process and a custom version of ls that masks the version details of ps. Setting up a 24 hour "do nothing" on first start would make this really hard to detect as would throttling the computations to say 25% of the CPU in a low priority process.

3500 is a joke given that risk.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019