Stopping a DreamBus botnet attack with Aqua’s CNDR
December 2021 by Aqua Security
Aqua Security revealed a real-life scenario where a developer launched a cloud native application that they had mistakenly misconfigured with weak credentials. Only 12 hours later, the environment was attacked by the DreamBus botnet which proceeded to evade defences and run Kinsing malware and cryptominers.
With Aqua’s Cloud Native Detection and Response (CNDR), the attack was alerted in real time and was able to provide insight into how the environment was set up, how the attacker gained access, and how the CNDR was used to detect, investigate, and respond to the attack at cloud speed. If this event was to remain undetected the attackers would have continued hiding, mining cryptocurrency, and would likely cause more damage.