Summary: A software supply chain compromise was discovered when an attacker replaced the legitimate Kong Ingress Controller v3.4.0 image on DockerHub with a malicious version. The compromised image carried cryptojacking code that used the hosts it ran on to mine cryptocurrency. Kong responded promptly by removing the affected image and releasing a patched version, 3.4.1, to mitigate the issue.
Threat Actor: Unknown | unknown
Victim: Kong | Kong
Keypoints:
- Unauthorized image uploaded to DockerHub contained malicious code for cryptojacking.
- Kong Ingress Controller version 3.4.0 was compromised between December 22nd, 2024 and January 3rd, 2025.
- Organizations are advised to remove the compromised image and switch to the patched version 3.4.1 or a verified clean build of 3.4.0.
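The check a practitioner would want before acting on the advice above is an inventory of which containers still reference the affected tag and which ones pull by a mutable tag rather than an immutable digest. The script below is an added example, not code from the article or from Kong; it assumes the DockerHub repository is `kong/kubernetes-ingress-controller` and works on constructed sample output shaped like a `kubectl get pods` jsonpath listing.

```shell
#!/bin/sh
# Added example (not from the article or Kong): audit container image references
# for the compromised Kong Ingress Controller tag and for tag-only pulls.
# ASSUMPTION: the DockerHub repository is kong/kubernetes-ingress-controller.

AFFECTED_IMAGE="kong/kubernetes-ingress-controller"
AFFECTED_TAG="3.4.0"

# Constructed sample of what this command would print on a live cluster:
#   kubectl get pods -A -o jsonpath='{range .items[*]}{.metadata.namespace}/{.metadata.name} {range .spec.containers[*]}{.image} {end}{"\n"}{end}'
# Pod names and the all-zero digest are made up for the example.
SAMPLE_PODS='kong/ingress-kong-7d9f kong/kubernetes-ingress-controller:3.4.0 kong/kong-gateway:3.9
kong/ingress-kong-8a1c docker.io/kong/kubernetes-ingress-controller:3.4.1
kong/ingress-kong-9b2d kong/kubernetes-ingress-controller@sha256:0000000000000000000000000000000000000000000000000000000000000000
default/web-5c4 nginx:1.27'

# classify_image <image-ref>
# Prints AFFECTED      - the compromised tag, by any registry host
#        DIGEST_PINNED - the KIC image pulled by digest (immutable; still confirm
#                        the digest matches a build Kong published, since a digest
#                        of the malicious image would pin the bad image just as well)
#        TAG_ONLY      - the KIC image pulled by a mutable tag (3.4.1 included),
#                        which is exactly what let the swap go unnoticed
#        OK            - unrelated image
classify_image() {
    ref="$1"
    # Drop an optional registry host: the first path component is a host only if it
    # contains a "." or ":" (e.g. docker.io, registry.local:5000) or is "localhost".
    first=${ref%%/*}
    case "$first" in
        *.*|*:*|localhost) repo_path=${ref#*/} ;;
        *)                 repo_path=$ref ;;
    esac
    case "$repo_path" in
        "$AFFECTED_IMAGE:$AFFECTED_TAG")          echo AFFECTED ;;
        "$AFFECTED_IMAGE@sha256:"*)               echo DIGEST_PINNED ;;
        "$AFFECTED_IMAGE:"*|"$AFFECTED_IMAGE")    echo TAG_ONLY ;;
        *)                                        echo OK ;;
    esac
}

# audit_pods: reads "<namespace/pod> <image> [<image> ...]" lines on stdin and prints
# "<pod> <image> <verdict>" for every image that needs action (AFFECTED or TAG_ONLY).
audit_pods() {
    while read -r pod images; do
        for img in $images; do
            verdict=$(classify_image "$img")
            case "$verdict" in
                AFFECTED|TAG_ONLY) printf '%s %s %s\n' "$pod" "$img" "$verdict" ;;
            esac
        done
    done
}

# count_affected: number of containers in SAMPLE_PODS still on the compromised tag.
count_affected() {
    printf '%s\n' "$SAMPLE_PODS" | audit_pods | grep -c ' AFFECTED$' || true
}

printf '%s\n' "$SAMPLE_PODS" | audit_pods
echo "containers on the compromised tag: $(count_affected)"
# Remediation for each AFFECTED hit is an image swap on the owning Deployment, e.g.
#   kubectl -n <namespace> set image deployment/<name> <container>=kong/kubernetes-ingress-controller:3.4.1
# followed by replacing the tag with the digest Kong publishes for 3.4.1 so the
# reference becomes immutable (<namespace>, <name> and <container> are placeholders).
```

Running the block prints the 3.4.0 pod as AFFECTED and the 3.4.1 pod as TAG_ONLY; the digest-pinned pod and the unrelated nginx pod are silent, and the final line reports one container on the compromised tag. Feed it real `kubectl` output in place of `SAMPLE_PODS` to audit a cluster, and remember to rotate any image pull credentials the affected nodes held, since the malicious image ran with whatever the pod's service account could reach.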
Source: https://hackread.com/malicious-kong-ingress-controller-image-dockerhub/