Siloscape: Windows Container Malware That Breaks Kubernetes
In March, Daniel Prizmant, principal security researcher for Palo Alto Networks, uncovered the malware targeting Windows containers, calling the exploit “Siloscape.” In a blog post, he wrote the emergence of such an attack was “not surprising given the massive surge in cloud adoption over the past few years.”
In this edition of The New Stack Makers podcast, Prizmant described what makes Siloscape a threat for Kubernetes clusters — in both Linux and Windows containers.
The New Stack’s Publisher and Founder Alex Williams hosted this episode.
Siloscape was designed to abuse a flaw in the architecture of Windows containers, allowing it to “harvest” the processing power of Kubernetes clusters, Prizmant explained. Before the fix was released, it affected anyone managing Kubernetes clusters with Windows containers.
“So, basically, when you have a cluster, it’s enough that one Windows container in the cluster isn’t secured or [correctly] configured,” he said.
“In order to take control of the entire cluster, you can have 100 Linux containers in your cluster — but just a single Windows container can have access to the rest of the cluster, and by that, taking control of the rest of the entire cluster, including the Linux containers,” Prizmant added.
“Siloscape was designed to search for open Windows containers and take control of the rest of the cluster from there.”
Once a cluster is compromised, a Siloscape attacker can access a web server and, among other things, launch a phishing attack or compromise the database on that server. “The options are endless — it depends on what the victim uses the cluster for,” Prizmant said.
Finding a Vulnerability
When Prizmant joined the Linux team at Palo Alto Networks, he was “the only Windows guy.” He then went about reverse engineering Windows containers and, in doing so, learned about the vulnerability.
“I thought it was important that the community would be aware of it because Microsoft didn’t fix it immediately,” Prizmant said. “They only fixed it a few months ago, but not right away after I reported the issue.”
Microsoft didn’t consider Siloscape to be a vulnerability, since it recommends the use of Hyper-V isolation, which Windows Server Containers use and which Microsoft claims provides developers with protection because it offers “the same kernel version and configuration that will be used in production.”
In other words: Microsoft did not, for a while, guarantee the security of Windows containers that were not used with Hyper-V isolation.
“They were like, ‘Yeah, it’s not a security issue. We don’t consider the server file to be a security boundary,’” Prizmant said. “And they fixed it anyway.”
In his work, Prizmant has noted that many organizations can be reluctant to report security issues, especially when the organization disagrees that the issue is a vulnerability at all.
“No one likes to acknowledge that there is a security issue or vulnerability in their code,” he said. “I’m not saying that’s what happened” in the case of Microsoft and the Siloscape vulnerability.
“They described it as not secured by default. But it did happen with a lot of other organizations.”