How does GCP detect crypto mining within a VM? Are they noticing this because 100% CPU usage? Or DNS queries from the instances? This just happened to us and it would be super helpful to know how GCP can scan it before. |
How does GCP detect crypto mining within a VM? Are they noticing this because 100% CPU usage? Or DNS queries from the instances? This just happened to us and it would be super helpful to know how GCP can scan it before. |
They would have to run this from within the guest, no? I don't like the thought of that.
However, I'd imagine network detection would catch a lot of the larger, automated crypto mining efforts.